@@ -26,7 +26,7 @@ Each query help file provides detailed information about the purpose and use of
Structure
=========
Query help files are written using an XML format called Qhelp (``.qhelp``). Query help files must have the same base name as the query they describe, and must be located in the same directory. The basic structure is as follows:
Query help files are written using a custom XML format, and stored in a file with a ``.qhelp`` extension. Query help files must have the same base name as the query they describe, and must be located in the same directory. The basic structure is as follows:
..code-block::xml
@@ -44,32 +44,32 @@ Section-level elements
Section-level elements are used to group the information in the help file into sections. Many sections have a heading, either defined by a ``title`` attribute or a default value. The following section-level elements are optional child elements of the ``qhelp`` element.
|``example`` | None | Any block element | Demonstrate an example of code that violates the rule implemented by the query with guidance on how to fix it. Default heading. |
|``include`` | ``src`` The Qhelp file to include. | None | Include a Qhelp file at the location of this element. See :ref:`Qhelp inclusion <qhelp-inclusion>` below. No heading. |
|``overview`` | None | Any block element | Overview of the purpose of the query. Typically this is the first section in a query document. No heading. |
|``semmleNotes`` | None | Any block element | Implementation notes about the query. This section is used only for queries that implement a rule defined by a third party. Default heading. |
|``example`` | None | Any block element | Demonstrate an example of code that violates the rule implemented by the query with guidance on how to fix it. Default heading. |
|``include`` | ``src`` The query help file to include. | None | Include a query help file at the location of this element. See :ref:`Query help inclusion <qhelp-inclusion>` below. No heading. |
|``overview`` | None | Any block element | Overview of the purpose of the query. Typically this is the first section in a query document. No heading. |
|``semmleNotes`` | None | Any block element | Implementation notes about the query. This section is used only for queries that implement a rule defined by a third party. Default heading. |
The following elements are optional child elements of the ``section``, ``example``, ``fragment``,``recommendation``, ``overview`` and ``semmleNotes`` elements.
The following elements are optional child elements of the ``section``, ``example``, ``fragment``,``recommendation``, ``overview``, and ``semmleNotes`` elements.
..table::
:widths:7 20 10 25
@@ -84,7 +84,8 @@ The following elements are optional child elements of the ``section``, ``example
| | | ``height`` Optional, height of the image. | | |
| | | ``width`` Optional, the width of the image. | | |
|``include`` | ``src`` The Qhelp file to include. | None | Include a Qhelp file at the location of this element. See :ref:`Qhelp inclusion <qhelp-inclusion>` below for more information. |
|``include`` | ``src`` The query help file to include. | None | Include a query help file at the location of this element. See :ref:`Query helpinclusion <
@@ -105,12 +106,12 @@ The following elements are optional child elements of the ``section``, ``example
List elements
=============
Qhelp files support two types of block elements for lists: ``ul`` and ``ol``. Both block elements support only one child elements of the type ``li``. Each ``li`` element contains either inline content or a block element.
Query help files support two types of block elements for lists: ``ul`` and ``ol``. Both block elements support only one child elements of the type ``li``. Each ``li`` element contains either inline content or a block element.
Table elements
==============
The ``table`` block element is used to include a table in a Qhelp file. Each table includes a number of rows, each of which includes a number of cells. The data in the cells will be rendered as a grid.
The ``table`` block element is used to include a table in a query help file. Each table includes a number of rows, each of which includes a number of cells. The data in the cells will be rendered as a grid.
@@ -159,12 +160,12 @@ Inline content is used to define the content for paragraphs, list items, table c
.._qhelp-inclusion:
Qhelp inclusion
===============
Query help inclusion
====================
To enable the reuse of content between different help topics, shared content can be stored in one Qhelp file and then included in a number of other Qhelp files using the``include`` element. The shared content can stored either in the same directory as the including files, or in``SEMMLE_DIST/docs/include``.
To reuse content between different help topics, you can store shared content in one query help file and then include it in a number of other query help files using the``include`` element. The shared content can be stored either in the same directory as the including files, or in``SEMMLE_DIST/docs/include``.
The``include`` element can be used as a section or block element, the content of the Qhelp file defined by the``src`` attribute must contain elements that are appropriate to the location of the``include`` element.
The``include`` element can be used as a section or block element. The content of the query help file defined by the``src`` attribute must contain elements that are appropriate to the location of the``include`` element.
Section-level include elements
------------------------------
@@ -177,7 +178,7 @@ Section-level ``include`` elements can be located beneath the top-level ``qhelp`
<include src="XSS.qhelp" />
</qhelp>
In this example, the`XSS.qhelp <https://github.com/Semmle/ql/blob/master/csharp/ql/src/Security%20Features/CWE-079/XSS.qhelp>`__ file must conform to the standard for a full Qhelp file as described above. That is, the``qhelp`` element may only contain non-``fragment``, section-level elements.
In this example, the`XSS.qhelp <https://github.com/Semmle/ql/blob/master/csharp/ql/src/Security%20Features/CWE-079/XSS.qhelp>`__ file must conform to the standard for a full query help file as described above. That is, the``qhelp`` element may only contain non-``fragment``, section-level elements.
@@ -22,4 +22,4 @@ CodeQL queries are used in code scanning analyses to find problems in source cod
-:doc:`Providing locations in CodeQL queries <../locations>`: CodeQL includes mechanisms for extracting the location of elements in a codebase. Use these mechanisms when writing custom CodeQL queries and libraries to help display information to users.
-:doc:`About data flow analysis <../intro-to-data-flow>`: Data flow analysis is used to compute the possible values that a variable can hold at various points in a program, determining how those values propagate through the program and where they are used.
-:doc:`Creating path queries <path-queries>`: You can create path queries to visualize the flow of information through a codebase.
-:doc:`troubleshooting query performance <debugging-queries>`: Improve the performance of your CodeQL queries by following a few simple guidelines.
-:doc:`Troubleshooting query performance <debugging-queries>`: Improve the performance of your CodeQL queries by following a few simple guidelines.
@@ -16,7 +16,7 @@ Query help files must have the same base name as the query they describe and mus
### File structure and layout
Query files are written using an XML format called Qhelp, and stored in a file with a `.qhelp` extension. The basic structure is as follows:
Query help files are written using a custom XML format, and stored in a file with a `.qhelp` extension. The basic structure is as follows:
```
<!DOCTYPE qhelp SYSTEM "qhelp.dtd">
@@ -25,7 +25,7 @@ Query files are written using an XML format called Qhelp, and stored in a file w
</qhelp>
```
The header and single top-level `qhelp` element are both mandatory.
The header and single top-level `<qhelp>` element are both mandatory.
### Section-level elements
@@ -36,7 +36,7 @@ Section-level elements are used to group the information within the query help f
3.`example`—an example of code showing the problem. Where possible, this section should also include a solution to the issue.
4.`references`—relevant references, such as authoritative sources on language semantics and best practice.
For further information about the other section-level, block, list and table elements supported by the qhelp format, see the [Query help reference](https://help.semmle.com/QL/learn-ql/ql/writing-queries/query-help.html) on help.semmle.com.
For further information about the other section-level, block, list and table elements supported by query help files, see the [Query help reference](https://help.semmle.com/QL/learn-ql/ql/writing-queries/query-help.html) on help.semmle.com.
## English style
@@ -86,7 +86,7 @@ For example:
>W. C. Wake, _Refactoring Workbook_, pp. 93 – 94, Addison-Wesley Professional, 2004.
Note, & symbols need to be replaced by \&. The symbol will be displayed correctly in the html files generated from the qhelp files.
Note, & symbols need to be replaced by \&. The symbol will be displayed correctly in the HTML files generated from the query help files.
### Academic papers
@@ -107,11 +107,11 @@ For example:
### Referencing potential security weaknesses
If your query checks code for a CWE weakness, you should use the `@tags` element in the query file to reference the associated CWEs, as explained [here](query-metadata-style-guide.md). When you use these tags, a link to the appropriate entry from the [MITRE.org](https://cwe.mitre.org/scoring/index.html) site will automatically appear as a reference in the qhelp file.
If your query checks code for a CWE weakness, you should use the `@tags` element in the query file to reference the associated CWEs, as explained [here](query-metadata-style-guide.md). When you use these tags, a link to the appropriate entry from the [MITRE.org](https://cwe.mitre.org/scoring/index.html) site will automatically appear as a reference in the output HTML file.
## Query help example
The following example is a qhelp file for a query from the standard query suite for Java:
The following example is a query help file for a query from the standard query suite for Java:
```
<!DOCTYPE qhelp PUBLIC
@@ -179,4 +179,4 @@ tab width settings cannot be taken into account.
</references>
</qhelp>
```
```
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Felicity Chapman