mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
f8c9d96882
The `.cargo/config.toml` override based workaround wasn't really working, as while `cargo build|check` was reading that, `cargo metadata` wasn't, ending up in a completely broken IDE experience. For the moment, we just use a unified workspace `Cargo.toml` for all extractors using the shared tree-sitter code, which has the downside of making bazel pull in dependencies for all of them, and not being able to do sparse checkouts for them. We should investigate and rivist this in the future.
Ruby analysis support for CodeQL
This directory contains the extractor, CodeQL libraries, and queries that power Ruby support in CodeQL products that GitHub makes available to its customers worldwide.
It contains two major components:
- static analysis libraries and queries written in CodeQL that can be used to analyze such a database to find coding mistakes or security vulnerabilities.
- an extractor, written in Rust, that parses Ruby source code and converts it into a database that can be queried using CodeQL. See Developer information for information on building the extractor (you do not need to do this if you are only developing queries).