hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-25 12:22:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,953 Commits 1,686 Branches 158 Tags
64e2277904538b4a4dcc2cdb2ca4e371c237e66a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jonas Jensen 64e2277904 C++: Don't use @param in QLDoc 
It superficially looks like `@param` is supported in QLDoc, but this is
mostly an accident of how its parser works. Attributes starting with `@`
are only intended to be used in the top-level QLDoc of a query, and
there can only be one of each attribute. If there are multiple `@param`
entries, the QLDoc parser will only keep the first one.

Even though `parseConvSpec` in `Scanf.qll` documented multiple
parameters, only the first one would be shown in an IDE. The
corresponding predicate in `Print.qll` documented only its first
parameter, perhaps because of an autoformatting accident earlier in
time. I've attempted to reconstruct documentation for its other
parameters based on its sibling in `Scanf.qll`.
2019-09-09 11:04:04 +02:00
change-notes
Merge pull request #1777 from jbj/ast-field-flow-defbyref
2019-09-05 10:23:28 -07:00
config
C++: Local field flow using global library
2019-09-02 11:17:27 +02:00
cpp
C++: Don't use @param in QLDoc
2019-09-09 11:04:04 +02:00
csharp
Merge remote-tracking branch 'upstream/master' into dataflow-TTwo
2019-09-08 21:08:43 +02:00
docs
docs: fix broken Expr links
2019-09-09 09:25:19 +01:00
java
Merge remote-tracking branch 'upstream/master' into dataflow-TTwo
2019-09-08 21:08:43 +02:00
javascript
JavaScript: Autoformat.
2019-09-06 09:04:51 +02:00
misc
Remove reference to internal tooling from public repository
2019-08-01 11:02:03 +01:00
python
Merge pull request #1869 from taus-semmle/python-fix-typehint-divergence
2019-09-06 14:33:20 -07:00
.editorconfig
Normalize all text files to LF
2018-09-23 16:24:31 -07:00
.gitattributes
.gitattributes: PDB files are binary
2019-03-13 10:42:28 +00:00
.gitignore
Don't .gitignore .vs/VSWorkspaceSettings.json
2018-09-26 15:52:44 +02:00
.lgtm.yml
JS: Exclude test cases from extraction
2019-05-07 14:36:35 +01:00
CODE_OF_CONDUCT.md
Fix indentation of list item in code of conduct
2019-07-16 08:49:29 +01:00
CODEOWNERS
add CODEOWNERS entry for ql language docs
2019-08-09 12:38:58 +01:00
CONTRIBUTING.md
Fix typos in CONTRIBUTING.md
2019-08-09 12:44:28 +01:00
COPYRIGHT
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
LICENSE
QL code and tests for C#/C++/JavaScript.
2018-08-02 17:53:23 +01:00
README.md
docs: add link to style guides in readme
2019-05-28 21:33:36 +01:00

README.md

Semmle QL

This open source repository contains the standard QL libraries and queries that power LGTM, and the other products that Semmle makes available to its customers worldwide.

How do I learn QL and run queries?

There is extensive documentation on getting started with writing QL. You can use the interactive query console on LGTM.com or the QL for Eclipse plugin to try out your queries on any open-source project that's currently being analyzed.

Contributing

We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines. You can also consult our style guides to learn how to format your QL for consistency and clarity, how to write query metadata, and how to write query help documentation for your query.

License

The QL queries in this repository are licensed under Apache License 2.0 by Semmle.

Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 15 GiB
Languages
CodeQL 32.3%
Kotlin 27.5%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.6%