Docs: Add outline for CWE coverage page

Shati Patel
2021-01-21 15:26:05 +00:00
parent d7505e41db
commit 5f17fa8366
3 changed files with 33 additions and 1 deletions

View File

@@ -0,0 +1,25 @@
# CodeQL CWE coverage
An overview of the coverage of MITRE's Common Weakness Enumeration (CWE) for the latest release of CodeQL.
## About CWEs
The CWE categorization contains several types of entity, collectively known as CWEs. The CWEs that we consider in this report are only those of the types:
- Weakness Class
- Weakness Base
- Weakness Variant
- Compound Element
Other types of CWE do not correspond directly to weaknesses, so are omitted.
The CWE categorization includes relationships between entities, in particular a parent-child relationship.
These relationships are associated with Views (another kind of CWE entity). For the purposes of coverage claims, we use the "[Research View](https://cwe.mitre.org/data/definitions/1000.html)."
Every security query is associated with one or more CWEs, which are the most precise CWEs that are covered by that query.
Overall coverage is claimed for the most-precise CWEs, as well as for any of their ancestors in the View.
## Overview
<!-- autogenerated CWE coverage table will be added below -->
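Review bot: the ancestor rule near the end of the hunk ("Overall coverage is claimed for the most-precise CWEs, as well as for any of their ancestors in the View") can overstate coverage, because a single query mapped to one Weakness Variant would make every ancestor up to the root of the Research View count as covered; suggest stating that ancestor coverage is partial (or claiming it only one level up) and spelling out how the "most precise" CWE is chosen when a query maps to more than one. The `## Overview` section also ends in only an HTML comment placeholder, so note which tooling is expected to fill in the table, otherwise the page publishes with an empty overview.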

View File

@@ -23,7 +23,10 @@ master_doc = 'index'
project = u'CodeQL query help'
# Add md parser to process query help markdown files
extensions =['recommonmark']
extensions = [
'recommonmark',
'sphinx_markdown_tables',
]
source_suffix = {
'.rst': 'restructuredtext',
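Review bot: `sphinx_markdown_tables` is a new build dependency, but none of the three files changed in this commit declares it; add it to the docs build requirements next to `recommonmark`, otherwise the Sphinx build fails with an import error on any machine where the package is not already installed.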

View File

@@ -20,6 +20,9 @@ View the query help for the queries included in the ``code-scanning``, ``securit
- A link to the query in the `CodeQL repository <https://github.com/github/codeql>`__.
- A description of the potential vulnerability that the query identifies and a recommendation for how to avoid introducing the problem to your code.
For a full list of the CWEs covered by these queries, see ":doc:`CodeQL CWE coverage <codeql-cwe-coverage>`."
.. toctree::
:hidden:
:titlesonly:
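Review bot: the added `:doc:` link hardcodes the title text "CodeQL CWE coverage"; writing it as `:doc:`codeql-cwe-coverage`` with no explicit title lets Sphinx pull the heading from the target page, so the link text cannot drift from the page title. The quotation marks also wrap the trailing period along with the role, which is unusual in the surrounding docs; consider dropping the quotes.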
@@ -30,4 +33,5 @@ View the query help for the queries included in the ``code-scanning``, ``securit
java
javascript
python
codeql-cwe-coverage