hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-20 08:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
431 Commits 1,693 Branches 160 Tags
b553eb69643cb5e39d8f90e9afd2508ab9f7929e
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Arthur Baars b553eb6964 CFG: make 'for .. in' post-order 
Use the 'in' as the intermediate node that checks whether the Enumerable
has more elements.
2021-02-05 18:23:31 +01:00
.github/workflows
Add sync-identical-files.py
2021-01-18 17:34:51 +01:00
.vscode
Add VSCode build task for cargo build
2020-10-15 13:21:12 +01:00
codeql @ cf860f1dac
SSA: Sync with latest changes
2021-02-03 20:31:36 +01:00
extractor
Add AST classes for classes and modules
2021-02-01 14:23:41 +00:00
generator
Add AST classes for classes and modules
2021-02-01 14:23:41 +00:00
node-types
Simplifications based on PR feedback
2020-12-16 17:54:40 +00:00
ql
CFG: make 'for .. in' post-order
2021-02-05 18:23:31 +01:00
scripts
Data flow: Sync files
2021-02-02 13:03:42 +01:00
tools
Add --working-dir=. to index-files call
2021-01-26 19:31:16 +01:00
upgrades
Add upgrade script moving superclass exprs to own table
2021-02-01 14:23:47 +00:00
.codeqlmanifest.json
Add upgrade script moving superclass exprs to own table
2021-02-01 14:23:47 +00:00
.gitattributes
Use tree-sitter-ruby crate instead of vendoring it
2020-10-27 13:54:56 -04:00
.gitignore
Initial CFG skeleton code
2020-11-18 20:12:42 +01:00
.gitmodules
Add github/codeql as a sub module
2021-01-18 15:54:39 +01:00
Cargo.lock
Add AST classes for classes and modules
2021-02-01 14:23:41 +00:00
Cargo.toml
Add library package for shared code
2020-10-23 13:01:17 +01:00
codeql-extractor.yml
Add QL test support
2020-11-11 16:32:44 +01:00
codeql-ruby.code-workspace
Make VSCode default to unix line endings
2020-10-15 13:20:37 +01:00
create-extractor-pack.ps1
Move Generated.qll to ast/internal/TreeSitter.qll
2020-12-01 20:53:41 +01:00
create-extractor-pack.sh
Move Generated.qll to ast/internal/TreeSitter.qll
2020-12-01 20:53:41 +01:00
README.md
Move Generated.qll to ast/internal/TreeSitter.qll
2020-12-01 20:53:41 +01:00

README.md

Ruby analysis support for CodeQL

Under development.

Building the tools from source

Install Rust, then run:

cargo build --release

Generating the database schema and QL library

The generated ql/src/ruby.dbscheme and ql/src/codeql_ruby/ast/internal/TreeSitter.qll files are included in the repository, but they can be re-generated as follows:

# Run the generator
cargo run --release -p ruby-generator
# Then auto-format the QL library
codeql query format -i ql/src/codeql_ruby/ast/internal/TreeSitter.qll

Building a CodeQL database for a Ruby program

First, get an extractor pack. There are two options:

  1. Either download the latest codeql-ruby-pack from Actions and unzip it twice, or
  2. Run ./create-extractor-pack.sh (Linux/Mac) or .\create-extractor-pack.ps1 (Windows PowerShell) and the pack will be created in the extractor-pack directory.

Then run

codeql database create <database-path> -l ruby -s <project-source-path> --search-path <extractor-pack-path>
Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 15 GiB
Languages
CodeQL 32.3%
Kotlin 27.5%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.6%