hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

address review comments

Browse Source
This commit is contained in:
james
2022-10-17 16:19:15 +01:00
parent e8f1e6fe8e
commit 51c0287905
2 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docs/codeql/writing-codeql-queries/about-codeql-queries.rst
View File

@@ -69,15 +69,16 @@ Import statements
Each query generally contains one or more ``import`` statements, which define the :ref:`libraries <library-modules>` or :ref:`modules <modules>` to import into the query. Libraries and modules provide a way of grouping together related :ref:`types <types>`, :ref:`predicates <predicates>`, and other modules. The contents of each library or module that you import can then be accessed by the query.
Our `open source repository on GitHub <https://github.com/github/codeql>`__ contains the standard CodeQL libraries for each supported language.
When writing your own alert queries, you would typically import the standard library for the language of the project that you are querying, using ``import`` followed by a language:
When writing your own alert queries, you would typically import the standard library for the language of the project that you are querying. For more information about importing the standard CodeQL libraries, see the CodeQL library guides:
- C/C++: ``cpp``
- C#: ``csharp``
- Go: ``go``
- Java: ``java``
- JavaScript/TypeScript: ``javascript``
- Python: ``python``
- Ruby: ``ruby``
- :ref:`CodeQL library guide for C and C++ <codeql-library-for-cpp>`
- :ref:`CodeQL library guide for C# <codeql-library-for-csharp>`
- :ref:`CodeQL library guide for Go <codeql-library-for-go>`
- :ref:`CodeQL library guide for Java <codeql-library-for-java>`
- :ref:`CodeQL library guide for JavaScript <codeql-library-for-javascript>`
- :ref:`CodeQL library guide for Python <codeql-library-for-python>`
- :ref:`CodeQL library guide for Ruby <codeql-library-for-ruby>`
- :ref:`CodeQL library guide for TypeScript <codeql-library-for-typescript>`
There are also libraries containing commonly used predicates, types, and other modules associated with different analyses, including data flow, control flow, and taint-tracking. In order to calculate path graphs, path queries require you to import a data flow library into the query file. For more information, see ":doc:`Creating path queries <creating-path-queries>`."

2
docs/codeql/writing-codeql-queries/creating-path-queries.rst
View File

@@ -18,7 +18,7 @@ This topic provides information on how to structure a path query file so you can
Note
The alerts generated by path queries are included in the results generated using the :ref:`CodeQL CLI <codeql-cli>`. You can also view the path explanations generated by your path query in the :ref:`CodeQL extension for VS Code <codeql-for-visual-studio-code>`.
The alerts generated by path queries are included in the results generated using the :ref:`CodeQL CLI <codeql-cli>` and in `code scanning <https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts#about-alert-details>`__. You can also view the path explanations generated by your path query in the :ref:`CodeQL extension for VS Code <codeql-for-visual-studio-code>`.
To learn more about modeling data flow with CodeQL, see ":doc:`About data flow analysis <about-data-flow-analysis>`."