hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,231 Commits 1,671 Branches 157 Tags
58d06715fcd565c6bb901bffbaf7cd88924a88ad
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Tom Hvitved 58d06715fc Extract a special empty location
2021-09-20 09:52:26 +02:00
.devcontainer
Move instanceof check from charpred in CfgScope
2021-09-06 10:31:16 +02:00
.github
Extract a special empty location
2021-09-20 09:52:26 +02:00
.vscode
Add VSCode build task for cargo build
2020-10-15 13:21:12 +01:00
autobuilder
Automatically extract .gemspec and Gemfile files
2021-09-14 18:23:57 +01:00
codeql @ 65f4ec403f
Bump codeql submodule
2021-09-15 14:59:42 +02:00
doc
Refactor into separate library and query packs
2021-08-26 18:40:06 -04:00
extractor
Extract a special empty location
2021-09-20 09:52:26 +02:00
generator
No longer create redundant numlines relation
2021-09-16 11:43:13 +02:00
node-types
Prefix dbscheme entries with language name
2021-07-27 18:17:19 +02:00
ql
Merge pull request #255 from github/reflected-xss
2021-09-17 18:32:48 +01:00
scripts
Add query for polynomial ReDoS
2021-09-02 17:57:56 +01:00
tools
Automatically extract .gemspec and Gemfile files
2021-09-14 18:23:57 +01:00
.codeqlmanifest.json
Refactor into separate library and query packs
2021-08-26 18:40:06 -04:00
.gitattributes
Use tree-sitter-ruby crate instead of vendoring it
2020-10-27 13:54:56 -04:00
.gitignore
Ignore .codeql output directories
2021-08-26 18:50:04 -04:00
.gitmodules
Add github/codeql as a sub module
2021-01-18 15:54:39 +01:00
Cargo.lock
Use published crate for tree-sitter-ruby 0.19
2021-08-25 14:32:01 +01:00
Cargo.toml
Add support for LGTM_INDEX_FILTERS environment variable
2021-06-24 18:45:31 +02:00
CODE_OF_CONDUCT.md
Create CODE_OF_CONDUCT.md
2021-09-03 14:27:04 +02:00
codeql-extractor.yml
Use strict 3 digit semantic version number
2021-08-10 12:02:54 +02:00
codeql-ruby.code-workspace
Hide codeql sub module in VS Code workspace
2021-03-23 09:55:56 +01:00
LICENSE
Add LICENSE file
2021-09-03 13:10:54 +02:00
Makefile
Add make target to run tests locally
2021-08-31 14:22:26 +02:00
README.md
Fix merge conflicts during rebase
2021-08-26 18:48:53 -04:00

README.md

Ruby analysis support for CodeQL

Under development.

Building the tools from source

Install Rust, then run:

cargo build --release

Generating the database schema and QL library

The generated ql/lib/ruby.dbscheme and ql/lib/codeql/ruby/ast/internal/TreeSitter.qll files are included in the repository, but they can be re-generated as follows:

# Run the generator
cargo run --release -p ruby-generator -- --dbscheme ql/lib/ruby.dbscheme --library ql/lib/codeql/ruby/ast/internal/TreeSitter.qll
# Then auto-format the QL library
codeql query format -i ql/lib/codeql/ruby/ast/internal/TreeSitter.qll

Building a CodeQL database for a Ruby program

First, get an extractor pack. There are two options:

  1. Either download the latest codeql-ruby-pack from Actions and unzip it twice, or
  2. Run scripts/create-extractor-pack.sh (Linux/Mac) or scripts\create-extractor-pack.ps1 (Windows PowerShell) and the pack will be created in the extractor-pack directory.

Then run

codeql database create <database-path> -l ruby -s <project-source-path> --search-path <extractor-pack-path>

Running qltests

Run

codeql test run <test-path> --search-path <repository-root-path>

Writing database upgrade scripts

See this guide.

Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 14 GiB
Languages
CodeQL 31.7%
Kotlin 27.1%
C# 16.4%
Java 7.5%
Python 4.5%
Other 12.6%