hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,047 Commits 1,741 Branches 165 Tags
c568162256f6ae3bfd7902ccd86c4399d2c3bb5b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Arthur Baars c568162256 Use a single TrapWriter 
The output of two distinct TrapWriters should not be written to the
same TRAP file because this causes name clashes between TRAP labels.
2021-07-29 12:50:27 +02:00
.devcontainer
Setup a CodeSpace
2021-05-13 21:03:40 +02:00
.github/workflows
Fix dataset_measure.yml
2021-07-27 18:43:51 +02:00
.vscode
Add VSCode build task for cargo build
2020-10-15 13:21:12 +01:00
autobuilder
Add missing use statement
2021-06-24 20:00:41 +02:00
codeql @ d282f6a356
Bump codeql submodule
2021-07-15 14:35:33 +00:00
extractor
Use a single TrapWriter
2021-07-29 12:50:27 +02:00
generator
Apply suggestions from code review
2021-07-29 09:02:57 +02:00
node-types
Prefix dbscheme entries with language name
2021-07-27 18:17:19 +02:00
ql
Add charpred to RubyFile class
2021-07-29 11:48:35 +02:00
scripts
Add inline expectations test framework
2021-06-21 19:37:41 +02:00
tools
Add support for LGTM_INDEX_FILTERS environment variable
2021-06-24 18:45:31 +02:00
.codeqlmanifest.json
Remove reference to deleted upgrades qlpack from manifest
2021-06-04 12:15:36 +01:00
.gitattributes
Use tree-sitter-ruby crate instead of vendoring it
2020-10-27 13:54:56 -04:00
.gitignore
Initial CFG skeleton code
2020-11-18 20:12:42 +01:00
.gitmodules
Add github/codeql as a sub module
2021-01-18 15:54:39 +01:00
Cargo.lock
Prefix dbscheme entries with language name
2021-07-27 18:17:19 +02:00
Cargo.toml
Add support for LGTM_INDEX_FILTERS environment variable
2021-06-24 18:45:31 +02:00
codeql-extractor.yml
Extract ERB files
2021-02-05 09:48:54 +01:00
codeql-ruby.code-workspace
Hide codeql sub module in VS Code workspace
2021-03-23 09:55:56 +01:00
create-extractor-pack.ps1
Ruby-Generator: add --dbscheme and --library flags
2021-07-27 18:17:19 +02:00
create-extractor-pack.sh
Ruby-Generator: add --dbscheme and --library flags
2021-07-27 18:17:19 +02:00
prepare-db-upgrade.md
Merge upgrades qlpack into ql/src
2021-06-03 18:28:20 +01:00
prepare-db-upgrade.sh
Merge upgrades qlpack into ql/src
2021-06-03 18:28:20 +01:00
README.md
Ruby-Generator: add --dbscheme and --library flags
2021-07-27 18:17:19 +02:00

README.md

Ruby analysis support for CodeQL

Under development.

Building the tools from source

Install Rust, then run:

cargo build --release

Generating the database schema and QL library

The generated ql/src/ruby.dbscheme and ql/src/codeql_ruby/ast/internal/TreeSitter.qll files are included in the repository, but they can be re-generated as follows:

# Run the generator
cargo run --release -p ruby-generator -- --dbscheme ql/src/ruby.dbscheme --library ql/src/codeql_ruby/ast/internal/TreeSitter.qll
# Then auto-format the QL library
codeql query format -i ql/src/codeql_ruby/ast/internal/TreeSitter.qll

Building a CodeQL database for a Ruby program

First, get an extractor pack. There are two options:

  1. Either download the latest codeql-ruby-pack from Actions and unzip it twice, or
  2. Run ./create-extractor-pack.sh (Linux/Mac) or .\create-extractor-pack.ps1 (Windows PowerShell) and the pack will be created in the extractor-pack directory.

Then run

codeql database create <database-path> -l ruby -s <project-source-path> --search-path <extractor-pack-path>

Running qltests

Run

codeql test run <test-path> --search-path <repository-root-path>
Description
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeqlgithub-advanced-securitygithub-security-labsemmle-qlworks-with-codespaces
Readme MIT 19 GiB
Languages
CodeQL 32.3%
Kotlin 27.4%
C# 17.1%
Java 7.7%
Python 4.6%
Other 10.7%