hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-19 16:33:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
580 Commits 1,692 Branches 160 Tags
3e5ff1d042672f47deee7d4ba377f478fe86f47e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Arthur Baars 3e5ff1d042 AST: order edges by target node 
When printing a tree CodeQL iterates over the nodes and
for each node prints the successor edges as children. If the
the successor edges are ordered by target node then the children
printe in the right order in the expected output.
2021-03-12 16:52:34 +01:00
.github/workflows
Enable manual dispatch of stats workflow
2021-03-08 14:10:37 +00:00
.vscode
Add VSCode build task for cargo build
2020-10-15 13:21:12 +01:00
codeql @ cf860f1dac
SSA: Sync with latest changes
2021-02-03 20:31:36 +01:00
extractor
Add support for multiple statements in interpolations
2021-02-23 15:36:14 +00:00
generator
Add support for multiple statements in interpolations
2021-02-23 15:36:14 +00:00
node-types
Simplifications based on PR feedback
2020-12-16 17:54:40 +00:00
ql
AST: order edges by target node
2021-03-12 16:52:34 +01:00
scripts
Make merge_stats.py work in python3
2021-02-16 15:41:44 +00:00
tools
QLTest: ignore *.testproj folders
2021-02-25 15:25:42 +01:00
upgrades
Add support for multiple statements in interpolations
2021-02-23 15:36:14 +00:00
.codeqlmanifest.json
Add upgrade script moving superclass exprs to own table
2021-02-01 14:23:47 +00:00
.gitattributes
Use tree-sitter-ruby crate instead of vendoring it
2020-10-27 13:54:56 -04:00
.gitignore
Initial CFG skeleton code
2020-11-18 20:12:42 +01:00
.gitmodules
Add github/codeql as a sub module
2021-01-18 15:54:39 +01:00
Cargo.lock
Add support for multiple statements in interpolations
2021-02-23 15:36:14 +00:00
Cargo.toml
Add library package for shared code
2020-10-23 13:01:17 +01:00
codeql-extractor.yml
Extract ERB files
2021-02-05 09:48:54 +01:00
codeql-ruby.code-workspace
Make VSCode default to unix line endings
2020-10-15 13:20:37 +01:00
create-extractor-pack.ps1
Move Generated.qll to ast/internal/TreeSitter.qll
2020-12-01 20:53:41 +01:00
create-extractor-pack.sh
Move Generated.qll to ast/internal/TreeSitter.qll
2020-12-01 20:53:41 +01:00
prepare-db-upgrade.md
Upgrade script for dbscheme changes to range_*
2021-02-16 15:41:44 +00:00
prepare-db-upgrade.sh
Simplify bash script
2021-02-17 10:48:17 +00:00
README.md
Update README.md
2021-03-04 17:19:34 +00:00

README.md

Ruby analysis support for CodeQL

Under development.

Building the tools from source

Install Rust, then run:

cargo build --release

Generating the database schema and QL library

The generated ql/src/ruby.dbscheme and ql/src/codeql_ruby/ast/internal/TreeSitter.qll files are included in the repository, but they can be re-generated as follows:

# Run the generator
cargo run --release -p ruby-generator
# Then auto-format the QL library
codeql query format -i ql/src/codeql_ruby/ast/internal/TreeSitter.qll

Building a CodeQL database for a Ruby program

First, get an extractor pack. There are two options:

  1. Either download the latest codeql-ruby-pack from Actions and unzip it twice, or
  2. Run ./create-extractor-pack.sh (Linux/Mac) or .\create-extractor-pack.ps1 (Windows PowerShell) and the pack will be created in the extractor-pack directory.

Then run

codeql database create <database-path> -l ruby -s <project-source-path> --search-path <extractor-pack-path>

Running qltests

Run

codeql test run <test-path> --search-path <repository-root-path>
Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 15 GiB
Languages
CodeQL 32.3%
Kotlin 27.5%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.6%