Add 1.5.6 header

Delete database after removing it from query server control.

.editorconfig

@@ -4,3 +4,4 @@ indent_size = 2
 charset = utf-8
 end_of_line = lf
 trim_trailing_whitespace = true
+insert_final_newline = true

.gitattributes

@@ -12,3 +12,10 @@ yarn.lock                    merge=binary
 # For more information, see this issue: https://github.com/Microsoft/web-build-tools/issues/1088
 #
 *.json                       linguist-language=JSON-with-Comments
+
+# Reduce incidence of needless merge conflicts on CHANGELOG.md
+# The man page at
+# https://mirrors.edge.kernel.org/pub/software/scm/git/docs/gitattributes.html
+# suggests that this might interleave lines arbitrarily, but empirically
+# it keeps added chunks contiguous
+CHANGELOG.md                merge=union

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,25 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**Version**
+The CodeQL and VS Code version in which the bug occurs.
+<!-- To copy version information for the CodeQL extension, click "CodeQL CLI vX.X.X" in the status bar at the bottom of the screen. 
+To copy detailed version information for VS Code itself, see https://code.visualstudio.com/docs/supporting/FAQ#_how-do-i-find-the-version. -->
+
+**To reproduce**
+Steps to reproduce the behavior.
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/ISSUE_TEMPLATE/new-extension-release.md

@@ -0,0 +1,18 @@
+---
+name: New extension release
+about: Create an issue with a checklist for the release steps (write access required
+  for the steps)
+title: Release Checklist for version xx.xx.xx
+labels: ''
+assignees: ''
+
+---
+
+- [ ] Update this issue title to refer to the version of the release
+- [ ] Trigger a release build on Actions by adding a new tag on branch `main` of the format `vxx.xx.xx`
+- [ ] Monitor the status of the release build in the `Release` workflow in the Actions tab.
+- [ ] Download the VSIX from the draft GitHub release that is created when the release build finishes.
+- [ ] Log into the [Visual Studio Marketplace](https://marketplace.visualstudio.com/manage/publishers/github).
+- [ ] Click the `...` menu in the CodeQL row and click **Update**.
+- [ ] Drag the `.vsix` file you downloaded from the GitHub release into the Marketplace and click **Upload**.
+- [ ] Publish the draft GitHub release and confirm the new release is marked as the latest release at https://github.com/github/vscode-codeql/releases.

.github/codeql/codeql-config.yml

@@ -0,0 +1,12 @@
+name: "CodeQL config"
+queries:
+  - name: Run standard queries
+    uses: security-and-quality
+  - name: Run custom javascript queries
+    uses: ./.github/codeql/queries
+paths:
+  - ./extensions/ql-vscode
+paths-ignore:
+  - '**/node_modules'
+  - '**/build'
+  - '**/out'

.github/codeql/queries/assert-pure.ql

@@ -0,0 +1,21 @@
+/**
+ * @name Unwanted dependency on vscode API
+ * @kind problem
+ * @problem.severity error
+ * @id vscode-codeql/assert-pure
+ * @description The modules stored under `pure` and tested in the `pure-tests`
+ * are intended to be "pure".
+ */
+import javascript
+
+class VSCodeImport extends ASTNode {
+  VSCodeImport() {
+    this.(Import).getImportedPath().getValue() = "vscode"
+  }
+}
+
+from Module m, VSCodeImport v
+where
+  m.getFile().getRelativePath().regexpMatch(".*src/pure/.*")  and
+  m.getAnImportedModule*().getAnImport() = v
+select m, "This module is not pure: it has a transitive dependency on the vscode API imported $@", v, "here"

.github/codeql/queries/qlpack.yml

@@ -0,0 +1,3 @@
+name: vscode-codeql-custom-queries-javascript
+version: 0.0.0
+libraryPathDependencies: codeql-javascript

.github/pull_request_template.md

@@ -0,0 +1,12 @@
+<!-- Thank you for submitting a pull request. Please read our pull request guidelines before
+  submitting your pull request:
+  https://github.com/github/vscode-codeql/blob/main/CONTRIBUTING.md#submitting-a-pull-request.
+-->
+
+Replace this with a description of the changes your pull request makes.
+
+## Checklist
+
+- [ ] [CHANGELOG.md](https://github.com/github/vscode-codeql/blob/main/extensions/ql-vscode/CHANGELOG.md) has been updated to incorporate all user visible changes made by this pull request.
+- [ ] Issues have been created for any UI or other user-facing changes made by this pull request.
+- [ ] `@github/docs-content-codeql` has been cc'd in all issues for UI or other user-facing changes made by this pull request.

.github/workflows/codeql.yml

@@ -0,0 +1,31 @@
+name: "Code Scanning - CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '21 17 * * 0'
+
+jobs:
+  codeql:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      security-events: write
+      pull-requests: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@main
+        with:
+            languages: javascript
+            config-file: ./.github/codeql/codeql-config.yml
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@main

.github/workflows/label-issue.yml

@@ -0,0 +1,15 @@
+name: Label issue
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  label:
+    name: Label issue
+    runs-on: ubuntu-latest
+    steps:
+      - name: Label issue
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo '{"labels": ["VSCode"]}' | gh api repos/${{ github.repository }}/issues/${{ github.event.issue.number }}/labels --input -

.github/workflows/main.yml

@@ -1,5 +1,11 @@
 name: Build Extension
-on: [push, pull_request]
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+  push:
+    branches:
+      - main
 
 jobs:
   build:
@@ -10,15 +16,26 @@ jobs:
         os: [ubuntu-latest, windows-latest]
     steps:
       - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2
         with:
           fetch-depth: 1
 
-      - name: Build
+      - uses: actions/setup-node@v1
+        with:
+          node-version: '14.14.0'
+
+      - name: Install dependencies
+        working-directory: extensions/ql-vscode
         run: |
-          cd build
           npm install
-          npm run build-ci
+        shell: bash
+
+      - name: Build
+        working-directory: extensions/ql-vscode
+        env:
+          APP_INSIGHTS_KEY: '${{ secrets.APP_INSIGHTS_KEY }}'
+        run: |
+          npm run build
         shell: bash
 
       - name: Prepare artifacts
@@ -28,46 +45,168 @@ jobs:
           cp dist/*.vsix artifacts
 
       - name: Upload artifacts
-        uses: actions/upload-artifact@master
+        uses: actions/upload-artifact@v2
         if: matrix.os == 'ubuntu-latest'
         with:
           name: vscode-codeql-extension
           path: artifacts
 
+  find-nightly:
+    name: Find Nightly Release
+    runs-on: ubuntu-latest
+    outputs:
+      url: ${{ steps.get-url.outputs.nightly-url }}
+    steps:
+      - name: Get Nightly Release URL
+        id: get-url
+        env:
+          GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
+        shell: bash
+        # This workflow step gets an unstable testing version of the CodeQL CLI. It should not be used outside of these tests.
+        run: |
+          LATEST=`gh api repos/dsp-testing/codeql-cli-nightlies/releases --jq '.[].tag_name' --method GET --raw-field 'per_page=1'`
+          echo "::set-output name=nightly-url::https://github.com/dsp-testing/codeql-cli-nightlies/releases/download/$LATEST"
+
   test:
     name: Test
     runs-on: ${{ matrix.os }}
+    needs: [find-nightly]
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest]
+        version: [stable, nightly]
     steps:
       - name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2
         with:
           fetch-depth: 1
 
-      # We have to build the dependencies in `lib` before running any tests.
-      - name: Build
+      - uses: actions/setup-node@v1
+        with:
+          node-version: '14.14.0'
+
+      - name: Install dependencies
+        working-directory: extensions/ql-vscode
         run: |
-          cd build
           npm install
-          npm run build-ci
         shell: bash
 
-      - name: Run unit tests
+      - name: Build
+        working-directory: extensions/ql-vscode
+        env:
+          APP_INSIGHTS_KEY: '${{ secrets.APP_INSIGHTS_KEY }}'
         run: |
-          cd extensions/ql-vscode
+          npm run build
+        shell: bash
+
+      - name: Lint
+        working-directory: extensions/ql-vscode
+        run: |
+          npm run lint
+
+      - name: Install CodeQL
+        run: |
+          mkdir codeql-home
+          if [ ${{ matrix.version }} = "stable" ]
+          then
+            curl -L --silent https://github.com/github/codeql-cli-binaries/releases/latest/download/codeql.zip -o codeql-home/codeql.zip
+          else
+            curl -L --silent ${{ needs.find-nightly.outputs.url }}/codeql.zip -o codeql-home/codeql.zip
+          fi
+          unzip -q -o codeql-home/codeql.zip -d codeql-home
+          unzip -q -o codeql-home/codeql.zip codeql/codeql.exe -d codeql-home
+          rm codeql-home/codeql.zip
+        shell: bash
+
+      - name: Run unit tests (Linux)
+        working-directory: extensions/ql-vscode
+        if: matrix.os == 'ubuntu-latest'
+        run: |
+          CODEQL_PATH=$GITHUB_WORKSPACE/codeql-home/codeql/codeql npm run test
+
+      - name: Run unit tests (Windows)
+        if: matrix.os == 'windows-latest'
+        working-directory: extensions/ql-vscode
+        run: |
+          $env:CODEQL_PATH=$(Join-Path $env:GITHUB_WORKSPACE -ChildPath 'codeql-home/codeql/codeql.exe')
           npm run test
 
       - name: Run integration tests (Linux)
         if: matrix.os == 'ubuntu-latest'
+        working-directory: extensions/ql-vscode
         run: |
-          cd extensions/ql-vscode
           sudo apt-get install xvfb
           /usr/bin/xvfb-run npm run integration
 
       - name: Run integration tests (Windows)
         if: matrix.os == 'windows-latest'
+        working-directory: extensions/ql-vscode
         run: |
-          cd extensions/ql-vscode
-          npm run integration
+          npm run integration
+
+  cli-test:
+    name: CLI Test
+    runs-on: ${{ matrix.os }}
+    needs: [find-nightly]
+    strategy:
+      matrix:
+        os: [ubuntu-latest, windows-latest]
+        version: ['v2.3.3', 'v2.4.6', 'v2.5.9', 'v2.6.3', 'nightly']
+    env:
+      CLI_VERSION: ${{ matrix.version }}
+      NIGHTLY_URL: ${{ needs.find-nightly.outputs.url }}
+      TEST_CODEQL_PATH: '${{ github.workspace }}/codeql'
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - uses: actions/setup-node@v1
+        with:
+          node-version: '14.14.0'
+
+      - name: Install dependencies
+        working-directory: extensions/ql-vscode
+        run: |
+          npm install
+        shell: bash
+
+      - name: Build
+        working-directory: extensions/ql-vscode
+        run: |
+          npm run build
+        shell: bash
+
+      - name: Decide on ref of CodeQL repo
+        id: choose-ref
+        shell: bash
+        run: |
+          if [[ "${{ matrix.version }}" == "nightly" ]]
+          then
+            REF="codeql-cli/latest"
+          elif [[ "${{ matrix.version }}" == "v2.2.6" || "${{ matrix.version }}" == "v2.3.3" ]]
+          then
+            REF="codeql-cli/v2.4.5"
+          else
+            REF="codeql-cli/${{ matrix.version }}"
+          fi
+          echo "::set-output name=ref::$REF"
+
+      - name: Checkout QL
+        uses: actions/checkout@v2
+        with:
+          repository: github/codeql
+          ref: ${{ steps.choose-ref.outputs.ref }}
+          path: codeql
+
+      - name: Run CLI tests (Linux)
+        working-directory: extensions/ql-vscode
+        if: matrix.os == 'ubuntu-latest'
+        run: |
+          /usr/bin/xvfb-run npm run cli-integration
+
+      - name: Run CLI tests (Windows)
+        working-directory: extensions/ql-vscode
+        if: matrix.os == 'windows-latest'
+        run: |
+          npm run cli-integration

.github/workflows/release.yml

@@ -6,35 +6,37 @@
 
 name: Release
 on:
+  workflow_dispatch:
+
   push:
-    # Path filters are not evaluated for pushes to tags.
-    # (source: https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#onpushpull_requestpaths)
-    # So this workflow is triggered in the following events:
-    # - Release event: a SemVer tag, e.g. v1.0.0 or v1.0.0-alpha, is pushed
     tags:
       - 'v[0-9]+.[0-9]+.[0-9]+*'
-    # OR
-    # - Test event: this file is modified on a branch in the main repo containing `/actions/` in the name.
-    branches:
-      - '**/actions/**'
-    paths:
-      - '**/workflows/release.yml'
 
 jobs:
   build:
     name: Release
     runs-on: ubuntu-latest
-    # TODO Share steps with the main workflow.
     steps:
       - name: Checkout
-        uses: actions/checkout@master
+        uses: actions/checkout@v2
+
+      - uses: actions/setup-node@v1
+        with:
+          node-version: '10.18.1'
+
+      - name: Install dependencies
+        run: |
+          cd extensions/ql-vscode
+          npm ci
+        shell: bash
 
       - name: Build
+        env:
+          APP_INSIGHTS_KEY: '${{ secrets.APP_INSIGHTS_KEY }}'
         run: |
-          cd build
-          npm install
-          # Release build instead of dev build.
-          npm run build-release
+          echo "APP INSIGHTS KEY LENGTH: ${#APP_INSIGHTS_KEY}"
+          cd extensions/ql-vscode
+          npm run build -- --release
         shell: bash
 
       - name: Prepare artifacts
@@ -47,15 +49,12 @@ jobs:
           VSIX_PATH="$(ls dist/*.vsix)"
           echo "::set-output name=vsix_path::$VSIX_PATH"
           # Transform the GitHub ref so it can be used in a filename.
-          # This is mainly needed for testing branches that modify this workflow.
-          REF_NAME="$(echo ${{ github.ref }} | sed -e 's:/:-:g')"
+          # The last sed invocation is used for testing branches that modify this workflow.
+          REF_NAME="$(echo ${{ github.ref }} | sed -e 's:^refs/tags/::' | sed -e 's:/:-:g')"
           echo "::set-output name=ref_name::$REF_NAME"
 
-      # Uploading artifacts is not necessary to create a release.
-      # This is just in case the release itself fails and we want to access the built artifacts from Actions.
-      # TODO Remove if not useful.
       - name: Upload artifacts
-        uses: actions/upload-artifact@master
+        uses: actions/upload-artifact@v2
         with:
           name: vscode-codeql-extension
           path: artifacts
@@ -87,4 +86,80 @@ jobs:
           # Get the `vsix_path` and `ref_name` from the `prepare-artifacts` step above.
           asset_path: ${{ steps.prepare-artifacts.outputs.vsix_path }}
           asset_name: ${{ format('vscode-codeql-{0}.vsix', steps.prepare-artifacts.outputs.ref_name) }}
-          asset_content_type: application/zip
+          asset_content_type: application/zip
+
+      ###
+      # Do Post release work: version bump and changelog PR
+      # Only do this if we are running from a PR (ie- this is part of the release process)
+
+      # The checkout action does not fetch the main branch.
+      # Fetch the main branch so that we can base the version bump PR against main.
+      - name: Fetch main branch
+        run: |
+          git fetch --depth=1 origin main:main
+          git checkout main
+
+      - name: Bump patch version
+        id: bump-patch-version
+        if: success()
+        run: |
+          cd extensions/ql-vscode
+          # Bump to the next patch version. Major or minor version bumps will have to be done manually.
+          # Record the next version number as an output of this step.
+          NEXT_VERSION="$(npm version patch)"
+          echo "::set-output name=next_version::$NEXT_VERSION"
+
+      - name: Add changelog for next release
+        if: success()
+        run: |
+          cd extensions/ql-vscode
+          perl -i -pe 's/^/## \[UNRELEASED\]\n\n/ if($.==3)' CHANGELOG.md
+
+      - name: Create version bump PR
+        uses: peter-evans/create-pull-request@c7f493a8000b8aeb17a1332e326ba76b57cb83eb # v3.4.1
+        if: success()
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          commit-message: Bump version to ${{ steps.bump-patch-version.outputs.next_version }}
+          title: Bump version to ${{ steps.bump-patch-version.outputs.next_version }}
+          body: This PR was automatically generated by the GitHub Actions release workflow in this repository.
+          branch: ${{ format('version/bump-to-{0}', steps.bump-patch-version.outputs.next_version) }}
+          base: main
+          draft: true
+
+  vscode-publish:
+    name: Publish to VS Code Marketplace
+    needs: build
+    environment: publish-vscode-marketplace
+    runs-on: ubuntu-latest
+    env:
+      VSCE_TOKEN: ${{ secrets.VSCE_TOKEN }}
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: vscode-codeql-extension
+
+      - name: Publish to Registry
+        run: |
+          npx vsce publish -p $VSCE_TOKEN --packagePath *.vsix || \
+            echo "Failed to publish to VS Code Marketplace. \
+                  If this was an authentication problem, please make sure the \
+                  auth token hasn't expired."
+
+  open-vsx-publish:
+    name: Publish to Open VSX Registry
+    needs: build
+    environment: publish-open-vsx
+    runs-on: ubuntu-latest
+    env:
+      OPEN_VSX_TOKEN: ${{ secrets.OPEN_VSX_TOKEN }}
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: vscode-codeql-extension
+
+      - name: Publish to Registry
+        run: |
+          npx ovsx publish -p $OPEN_VSX_TOKEN *.vsix

.gitignore

@@ -4,9 +4,11 @@
 # Generated files
 /dist/
 out/
+build/
 server/
 node_modules/
 gen/
+artifacts/
 
 # Integration test artifacts
 **/.vscode-test/**
@@ -17,3 +19,4 @@ gen/
 # Rush files
 /common/temp/**
 package-deps.json
+**/.rush/temp

.vscode/extensions.json

@@ -1,10 +1,12 @@
 {
-  // See http://go.microsoft.com/fwlink/?LinkId=827846 to learn about workspace recommendations.
+  // See https://go.microsoft.com/fwlink/?LinkId=827846 to learn about workspace recommendations.
   // Extension identifier format: ${publisher}.${name}. Example: vscode.csharp
   // List of extensions which should be recommended for users of this workspace.
   "recommendations": [
-    "eamodio.tsl-problem-matcher"
+    "eamodio.tsl-problem-matcher",
+    "dbaeumer.vscode-eslint",
+    "eternalphane.tsfmt-vscode"
   ],
   // List of extensions recommended by VS Code that should not be recommended for users of this workspace.
   "unwantedRecommendations": []
-}
+}

.vscode/launch.json

@@ -8,41 +8,46 @@
       "request": "launch",
       "runtimeExecutable": "${execPath}",
       "args": [
-        "--extensionDevelopmentPath=${workspaceRoot}/dist/vscode-codeql",
-        "--disable-extensions"
+        "--extensionDevelopmentPath=${workspaceRoot}/extensions/ql-vscode",
+        // Add a reference to a workspace to open. Eg-
+        // "${workspaceRoot}/../vscode-codeql-starter/vscode-codeql-starter.code-workspace"
       ],
       "stopOnEntry": false,
       "sourceMaps": true,
       "outFiles": [
-        "${workspaceRoot}/dist/vscode-codeql/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-bqrs/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-io/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-io-node/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-vscode-utils/out/**/*.js"
+        "${workspaceRoot}/extensions/ql-vscode/out/**/*.js",
       ],
-      "preLaunchTask": "Build"
+      "env": {
+        // change to 'true' debug the IDE or Query servers
+        "IDE_SERVER_JAVA_DEBUG": "false",
+        "QUERY_SERVER_JAVA_DEBUG": "false",
+      }
     },
     {
       "name": "Launch Unit Tests (vscode-codeql)",
-      "type": "extensionHost",
+      "type": "node",
       "request": "launch",
-      "runtimeExecutable": "${execPath}",
-      "args": [
-        "--extensionDevelopmentPath=${workspaceRoot}/dist/vscode-codeql",
-        "--extensionTestsPath=${workspaceRoot}/extensions/ql-vscode/out/test",
-        "--disable-extensions"
+      "program": "${workspaceFolder}/extensions/ql-vscode/node_modules/mocha/bin/_mocha",
+      "showAsyncStacks": true,
+      "cwd": "${workspaceFolder}/extensions/ql-vscode",
+      "runtimeArgs": [
+        "--inspect=9229"
       ],
+      "args": [
+        "--exit",
+        "-u",
+        "bdd",
+        "--colors",
+        "--diff",
+        "-r",
+        "ts-node/register",
+        "test/pure-tests/**/*.ts"
+      ],
+      "port": 9229,
       "stopOnEntry": false,
       "sourceMaps": true,
-      "outFiles": [
-        "${workspaceRoot}/dist/vscode-codeql/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-bqrs/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-io/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-io-node/out/**/*.js",
-        "${workspaceRoot}/dist/vscode-codeql/node_modules/semmle-vscode-utils/out/**/*.js",
-        "${workspaceRoot}/extensions/ql-vscode/out/test/**/*.js"
-      ],
-      "preLaunchTask": "Build"
+      "console": "integratedTerminal",
+      "internalConsoleOptions": "neverOpen"
     },
     {
       "name": "Launch Integration Tests - No Workspace (vscode-codeql)",
@@ -50,17 +55,14 @@
       "request": "launch",
       "runtimeExecutable": "${execPath}",
       "args": [
-        "--extensionDevelopmentPath=${workspaceRoot}/dist/vscode-codeql",
-        "--extensionTestsPath=${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/no-workspace/index",
-        "--disable-extensions"
+        "--extensionDevelopmentPath=${workspaceRoot}/extensions/ql-vscode",
+        "--extensionTestsPath=${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/no-workspace/index"
       ],
       "stopOnEntry": false,
       "sourceMaps": true,
       "outFiles": [
-        "${workspaceRoot}/dist/vscode-codeql/out/**/*.js",
-        "${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/**/*.js"
+        "${workspaceRoot}/extensions/ql-vscode/out/**/*.js",
       ],
-      "preLaunchTask": "Build"
     },
     {
       "name": "Launch Integration Tests - Minimal Workspace (vscode-codeql)",
@@ -68,17 +70,34 @@
       "request": "launch",
       "runtimeExecutable": "${execPath}",
       "args": [
-        "--extensionDevelopmentPath=${workspaceRoot}/dist/vscode-codeql",
+        "--extensionDevelopmentPath=${workspaceRoot}/extensions/ql-vscode",
         "--extensionTestsPath=${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/minimal-workspace/index",
-        "${workspaceRoot}/extensions/ql-vscode/test/data",
+        "${workspaceRoot}/extensions/ql-vscode/test/data"
       ],
       "stopOnEntry": false,
       "sourceMaps": true,
       "outFiles": [
-        "${workspaceRoot}/dist/vscode-codeql/out/**/*.js",
-        "${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/**/*.js"
+        "${workspaceRoot}/extensions/ql-vscode/out/**/*.js",
+      ],
+    },
+    {
+      "name": "Launch Integration Tests - With CLI",
+      "type": "extensionHost",
+      "request": "launch",
+      "runtimeExecutable": "${execPath}",
+      "args": [
+        "--extensionDevelopmentPath=${workspaceRoot}/extensions/ql-vscode",
+        "--extensionTestsPath=${workspaceRoot}/extensions/ql-vscode/out/vscode-tests/cli-integration/index",
+        "${workspaceRoot}/extensions/ql-vscode/src/vscode-tests/cli-integration/data",
+        // Add a path to a checked out instance of the codeql repository so the libraries are
+        // available in the workspace for the tests.
+        // "${workspaceRoot}/../codeql"
+      ],
+      "stopOnEntry": false,
+      "sourceMaps": true,
+      "outFiles": [
+        "${workspaceRoot}/extensions/ql-vscode/out/**/*.js",
       ],
-      "preLaunchTask": "Build"
     }
   ]
-}
+}

.vscode/settings.json

@@ -1,14 +1,41 @@
 // Place your settings in this file to overwrite default and user settings.
 {
   "files.exclude": {
-    "out": false // set this to true to hide the "out" folder with the compiled JS files
+    "**/out": true, // set this to true to hide the "out" folder with the compiled JS files
+    "**/dist": true,
+    "**/node_modules": true,
+    "common/temp": true,
+    "**/.vscode-test": true
   },
   "files.watcherExclude": {
     "**/.git/**": true,
-    "**/node_modules/*/**": true
+    "**/out": true,
+    "**/dist": true,
+    "**/node_modules": true,
+    "common/temp": true,
+    "**/.vscode-test": true
   },
   "search.exclude": {
-    "out": true // set this to false to include "out" folder in search results
+    "**/out": true, // set this to false to include "out" folder in search results
+    "**/dist": true,
+    "**/node_modules": true,
+    "common/temp": true,
+    "**/.vscode-test": true
   },
-  "typescript.tsdk": "./common/temp/node_modules/typescript/lib" // we want to use the TS server from our node_modules folder to control its version
-}
+  "typescript.tsdk": "./extensions/ql-vscode/node_modules/typescript/lib", // we want to use the TS server from our node_modules folder to control its version
+  "typescript.enablePromptUseWorkspaceTsdk": true,
+  "eslint.validate": [
+    "javascript",
+    "javascriptreact",
+    "typescript",
+    "typescriptreact"
+  ],
+  "eslint.options": {
+    // This is necessary so that eslint can properly resolve its plugins
+    "resolvePluginsRelativeTo": "./extensions/ql-vscode"
+  },
+  "editor.formatOnSave": false,
+  "typescript.preferences.quoteStyle": "single",
+  "javascript.preferences.quoteStyle": "single",
+  "editor.wordWrapColumn": 100
+}

.vscode/tasks.json

@@ -10,34 +10,10 @@
         "kind": "build",
         "isDefault": true
       },
-      "command": "node common/scripts/install-run-rush.js build --verbose",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "shared",
-        "showReuseMessage": true,
-        "clear": true
+      "command": "npm run build",
+      "options": {
+        "cwd": "extensions/ql-vscode/"
       },
-      "problemMatcher": [
-        {
-          "owner": "typescript",
-          "fileLocation": "absolute",
-          "pattern": {
-            "regexp": "^\\[gulp-typescript\\] ([^(]+)\\((\\d+|\\d+,\\d+|\\d+,\\d+,\\d+,\\d+)\\): error TS\\d+: (.*)$",
-            "file": 1,
-            "location": 2,
-            "message": 3
-          },
-        },
-        "$ts-webpack"
-      ]
-    },
-    {
-      "label": "Rebuild",
-      "type": "shell",
-      "group": "build",
-      "command": "node common/scripts/install-run-rush.js rebuild --verbose",
       "presentation": {
         "echo": true,
         "reveal": "always",
@@ -56,41 +32,17 @@
             "location": 2,
             "message": 3
           }
-        }
+        },
+        "$ts-webpack"
       ]
     },
-    {
-      "label": "Update",
-      "type": "shell",
-      "command": "node common/scripts/install-run-rush.js update",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "shared",
-        "showReuseMessage": true,
-        "clear": true
-      },
-      "problemMatcher": []
-    },
-    {
-      "label": "Update (full)",
-      "type": "shell",
-      "command": "node common/scripts/install-run-rush.js update --full",
-      "presentation": {
-        "echo": true,
-        "reveal": "always",
-        "focus": false,
-        "panel": "shared",
-        "showReuseMessage": true,
-        "clear": true
-      },
-      "problemMatcher": []
-    },
     {
       "label": "Format",
       "type": "shell",
-      "command": "node common/scripts/install-run-rush.js format",
+      "command": "npm run format",
+      "options": {
+        "cwd": "extensions/ql-vscode/"
+      },
       "presentation": {
         "echo": true,
         "reveal": "always",
@@ -100,6 +52,15 @@
         "clear": true
       },
       "problemMatcher": []
+    },
+    {
+      "type": "npm",
+      "script": "watch",
+      "path": "extensions/ql-vscode/",
+      "problemMatcher": [
+        "$gulp-tsc"
+      ],
+      "group": "build"
     }
   ]
-}
+}

CHANGELOG.md

@@ -1,14 +0,0 @@
-# CodeQL for Visual Studio Code: Changelog
-
-## 1.0.1 - 21 November 2019
-
-- Change `codeQL.cli.executablePath` to a per-machine setting, so it can no longer be set at the user or workspace level. This helps prevent arbitrary code execution when using a VS Code workspace from an untrusted source.
-- Improve the highlighting of the selected query result within the source code.
-- Improve the performance of switching between result tables in the CodeQL Query Results view.
-- Fix the automatic upgrading of CodeQL databases when using upgrade scripts from the workspace.
-- Allow removal of items from the CodeQL Query History view.
-
-
-## 1.0.0 - 14 November 2019
-
-Initial release of CodeQL for Visual Studio Code.

CODEOWNERS

@@ -0,0 +1 @@
+**/* @github/codeql-vscode-reviewers

CONTRIBUTING.md

@@ -1,4 +1,4 @@
-## Contributing
+# Contributing
 
 [fork]: https://github.com/github/vscode-codeql/fork
 [pr]: https://github.com/github/vscode-codeql/compare
@@ -13,94 +13,53 @@ Please note that this project is released with a [Contributor Code of Conduct][c
 
 ## Submitting a pull request
 
-0. [Fork][fork] and clone the repository
-0. Set up a local build
-0. Create a new branch: `git checkout -b my-branch-name`
-0. Make your change
-0. Push to your fork and [submit a pull request][pr]
-0. Pat yourself on the back and wait for your pull request to be reviewed and merged.
+1. [Fork][fork] and clone the repository
+1. Set up a local build
+1. Create a new branch: `git checkout -b my-branch-name`
+1. Make your change
+1. Push to your fork and [submit a pull request][pr]
+1. Pat yourself on the back and wait for your pull request to be reviewed and merged.
 
 Here are a few things you can do that will increase the likelihood of your pull request being accepted:
 
-- Follow the [style guide][style].
-- Write tests. Tests that don't require the VS Code API are located [here](extensions/ql-vscode/test). Integration tests that do require the VS Code API are located [here](extensions/ql-vscode/src/vscode-tests).
-- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
-- Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
+* Follow the [style guide][style].
+* Write tests. Tests that don't require the VS Code API are located [here](extensions/ql-vscode/test). Integration tests that do require the VS Code API are located [here](extensions/ql-vscode/src/vscode-tests).
+* Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as separate pull requests.
+* Write a [good commit message](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
 
 ## Setting up a local build
 
-Make sure you have a fairly recent version of vscode (>1.32) and are using nodejs
-version >=v10.13.0. (Tested on v10.15.1 and v10.16.0).
+Make sure you have installed recent versions of vscode (>= v1.52), node (>=12.16), and npm (>= 7.5.2). Earlier versions will probably work, but we no longer test against them.
 
-This repo uses [Rush](https://rushjs.io) to handle package management, building, and other
-operations across multiple projects. See the Rush "[Getting started as a developer](https://rushjs.io/pages/developer/new_developer/)" docs
-for more details.
+### Installing all packages
 
-If you plan on building from the command line, it's easiest if Rush is installed globally:
+From the command line, go to the directory `extensions/ql-vscode` and run
 
 ```shell
-npm install -g @microsoft/rush
+npm install
 ```
 
-Note that when you run the `rush` command from the globally installed version, it will examine the
-`rushVersion` property in the repo's `rush.json`, and if it differs from the globally installed
-version, it will download, cache, and run the version of Rush specified in the `rushVersion`
-property.
+### Building the extension
 
-If you plan on only building via VS Code tasks, you don't need Rush installed at all, since those
-tasks run `common/scripts/install-run-rush.js` to bootstrap a locally installed and cached copy of
-Rush.
-
-### Building
-
-#### Installing all packages (instead of `npm install`)
-
-After updating any `package.json` file, or after checking or pulling a new branch, you need to
-make sure all the right npm packages are installed, which you would normally do via `npm install` in
-a single-project repo. With Rush, you need to do an "update" instead:
-
-##### From VS Code
-
-`Terminal > Run Task... > Update`
-
-##### From the command line
+From the command line, go to the directory `extensions/ql-vscode` and run
 
 ```shell
-$ rush update
+npm run build
+npm run watch
 ```
 
-#### Building all projects (instead of `gulp`)
+Alternatively, you can build the extension within VS Code via `Terminal > Run Build Task...` (or `Ctrl+Shift+B` with the default key bindings). And you can run the watch command via `Terminal > Run Task` and then select `npm watch` from the menu.
 
-Rush builds all projects in the repo, in dependency order, building multiple projects in parallel
-where possible. By default, the build also packages the extension itself into a .vsix file in the
-`dist` directory. To build:
+Before running any of the launch commands, be sure to have run the `build` command to ensure that the JavaScript is compiled and the resources are copied to the proper location.
 
-##### From VS Code
+We recommend that you keep `npm run watch` running in the backgound and you only need to re-run `npm run build` in the following situations:
 
-`Terminal > Run Build Task...` (or just `Ctrl+Shift+B` with the default key bindings)
+1. on first checkout
+2. whenever any of the non-TypeScript resources have changed
+3. on any change to files included in one of the webviews
+   - **Important**: This is easy to forget. You must explicitly run `npm run build` whenever one of the files in the webview is changed. These are the files in the `src/view` and `src/compare/view` folders.
 
-##### From the command line
-
-```shell
-rush build --verbose
-```
-
-#### Forcing a clean build
-
-Rush does a reasonable job of detecting on its own which projects need to be rebuilt, but if you need to
-force a full rebuild of all projects:
-
-##### From VS Code
-
-`Terminal > Run Task... > Rebuild`
-
-##### From the command line
-
-```shell
-rush rebuild --verbose
-```
-
-### Installing
+### Installing the extension
 
 You can install the `.vsix` file from within VS Code itself, from the Extensions container in the sidebar:
 
@@ -118,18 +77,71 @@ $ vscode/scripts/code-cli.sh --install-extension dist/vscode-codeql-*.vsix # if
 
 You can use VS Code to debug the extension without explicitly installing it. Just open this directory as a workspace in VS Code, and hit `F5` to start a debugging session.
 
+### Running the unit/integration tests
+
+Ensure the `CODEQL_PATH` environment variable is set to point to the `codeql` cli executable.
+
+Outside of vscode, run:
+
+```shell
+npm run test && npm run integration
+```
+
+Alternatively, you can run the tests inside of vscode. There are several vscode launch configurations defined that run the unit and integration tests. They can all be found in the debug view.
+
 ## Releasing (write access required)
 
-1. Trigger a release build on Actions by adding a new tag on master of the format `vxx.xx.xx`
+1. Double-check the `CHANGELOG.md` contains all desired change comments and has the version to be released with date at the top.
+    * Go through all recent PRs and make sure they are properly accounted for.
+    * Make sure all changelog entries have links back to their PR(s) if appropriate.
+1. Double-check that the extension `package.json` and `package-lock.json` have the version you intend to release. If you are doing a patch release (as opposed to minor or major version) this should already be correct.
+1. Create a PR for this release:
+    * This PR will contain any missing bits from steps 1 and 2. Most of the time, this will just be updating `CHANGELOG.md` with today's date.
+    * Create a new branch for the release named after the new version. For example: `v1.3.6`
+    * Create a new commit with a message the same as the branch name.
+    * Create a PR for this branch.
+    * Wait for the PR to be merged into `main`
+1. Trigger a release build on Actions by adding a new tag on branch `main` named after the release, as above. Note that when you push to upstream, you will need to fully qualify the ref. A command like this will work:
+
+    ```bash
+    git push upstream refs/tags/v1.3.6
+    ```
+
+    * **IMPORTANT** Make sure you are on the `main` branch and your local checkout is fully updated when you add the tag.
+    * If you accidentally add the tag to the wrong ref, you can just force push it to the right one later.
+
 1. Monitor the status of the release build in the `Release` workflow in the Actions tab.
-1. Download the VSIX from the draft GitHub release that is created when the release build finishes.
-1. Log into the [Visual Studio Marketplace](https://marketplace.visualstudio.com/manage/publishers/github).
-1. Click the `...` menu in the CodeQL row and click **Update**.
-1. Drag the `.vsix` file you downloaded from the GitHub release into the Marketplace and click **Upload**.
-1. Publish the GitHub release.
+1. Download the VSIX from the draft GitHub release at the top of [the releases page](https://github.com/github/vscode-codeql/releases) that is created when the release build finishes.
+1. Unzip the `.vsix` and inspect its `package.json` to make sure the version is what you expect,
+   or look at the source if there's any doubt the right code is being shipped.
+1. Go to the actions tab of the vscode-codeql repository and select the [Release workflow](https://github.com/github/vscode-codeql/actions?query=workflow%3ARelease).
+    - If there is an authentication failure when publishing, be sure to check that the authentication keys haven't expired. See below.
+1. Approve the deployments of the correct Release workflow. This will automatically publish to Open VSX and VS Code Marketplace.
+1. Go to the draft GitHub release in [the releases tab of the repository](https://github.com/github/vscode-codeql/releases), click 'Edit', add some summary description, and publish it.
+1. Confirm the new release is marked as the latest release at <https://github.com/github/vscode-codeql/releases>.
+1. If documentation changes need to be published, notify documentation team that release has been made.
+1. Review and merge the version bump PR that is automatically created by Actions.
+
+## Secrets and authentication for publishing
+
+Repository administrators, will need to manage the authentication keys for publishing to the VS Code marketplace and Open VSX. Each requires an authentication token. The VS Code marketplace token expires yearly.
+
+To regenerate the Open VSX token:
+
+1. Log in to the [user settings page on Open VSX](https://open-vsx.org/user-settings/namespaces).
+1. Make sure you are a member of the GitHub namespace.
+1. Go to the [Access Tokens](https://open-vsx.org/user-settings/tokens) page and generate a new token.
+1. Update the secret in the `publish-open-vsx` environment in the project settings.
+
+To regenerate the VSCode Marketplace token:
+
+1. Follow the instructions on [getting a PAT for Azure DevOps](https://code.visualstudio.com/api/working-with-extensions/publishing-extension#get-a-personal-access-token).
+1. Update the secret in the `publish-vscode-marketplace` environment in the project settings.
+
+Not that Azure DevOps PATs expire yearly and must be regenerated.
 
 ## Resources
 
-- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
-- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
-- [GitHub Help](https://help.github.com)
+* [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
+* [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
+* [GitHub Help](https://help.github.com)

README.md

@@ -4,16 +4,18 @@ This project is an extension for Visual Studio Code that adds rich language supp
 
 The extension is released. You can download it from the [Visual Studio Marketplace](https://marketplace.visualstudio.com/items?itemName=github.vscode-codeql).
 
-![CI status badge](https://github.com/github/vscode-codeql/workflows/Build%20Extension/badge.svg)
+To see what has changed in the last few versions of the extension, see the [Changelog](https://github.com/github/vscode-codeql/blob/main/extensions/ql-vscode/CHANGELOG.md).
+
+[![CI status badge](https://github.com/github/vscode-codeql/workflows/Build%20Extension/badge.svg)](https://github.com/github/vscode-codeql/actions?query=workflow%3A%22Build+Extension%22+branch%3Amaster)
+[![VS Marketplace badge](https://vsmarketplacebadge.apphb.com/version/github.vscode-codeql.svg)](https://marketplace.visualstudio.com/items?itemName=github.vscode-codeql)
 
 ## Features
 
 * Enables you to use CodeQL to query databases and discover problems in codebases.
 * Shows the flow of data through the results of path queries, which is essential for triaging security results.
-* Provides an easy way to run queries from the large, open source repository of [CodeQL security queries](https://github.com/Semmle/ql).
+* Provides an easy way to run queries from the large, open source repository of [CodeQL security queries](https://github.com/github/codeql).
 * Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
 
-
 ## Project goals and scope
 
 This project will track new feature development in CodeQL and, whenever appropriate, bring that functionality to the Visual Studio Code experience.

build/README.md

@@ -1,12 +0,0 @@
-GitHub Actions Build directory
-===
-
-The point of this directory is to allow us to do a local installation *of* the rush
-tool, since 
- - installing globally is not permitted on github actions
- - installing locally in the root directory of the repo creates `node_modules` there,
-   and rush itself gives error messages since it thinks `node_modules` is not supposed 
-   to exist, since rush is supposed to be managing subproject dependencies.
-
-Running rush from a subdirectory searches parent directories for `rush.json`
-and does the build starting from that file's location.

build/package.json

@@ -1,17 +0,0 @@
-{
-  "name": "build",
-  "version": "1.0.0",
-  "description": "",
-  "main": "index.js",
-  "dependencies": {
-    "@microsoft/rush": "^5.10.3"
-  },
-  "devDependencies": {},
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
-    "build": "rush update && rush build",
-    "build-ci": "rush install && rush build",
-    "build-release": "rush install && rush build --release"
-  },
-  "author": "GitHub"
-}

common/config/LICENSE

@@ -1,28 +0,0 @@
-This directory contains content from https://github.com/microsoft/rushstack,
-used under the MIT license as follows.
-See https://github.com/microsoft/rushstack/blob/master/stack/rush-stack/LICENSE.
-
-@microsoft/rush-stack
-
-Copyright (c) Microsoft Corporation. All rights reserved.
-
-MIT License
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

common/config/rush/.npmrc

@@ -1,12 +0,0 @@
-# Rush uses this file to configure the package registry, regardless of whether the
-# package manager is PNPM, NPM, or Yarn.  Prior to invoking the package manager,
-# Rush will always copy this file to the folder where installation is performed.
-# When NPM is the package manager, Rush works around NPM's processing of
-# undefined environment variables by deleting any lines that reference undefined
-# environment variables.
-#
-# DO NOT SPECIFY AUTHENTICATION CREDENTIALS IN THIS FILE.  It should only be used
-# to configure registry sources.
-
-registry=https://registry.npmjs.org/
-always-auth=false

common/config/rush/command-line.json

@@ -1,32 +0,0 @@
-/**
- * This configuration file defines custom commands for the "rush" command-line.
- * For full documentation, please see https://rushjs.io/pages/configs/command_line_json/
- */
-{
-  "$schema": "https://developer.microsoft.com/json-schemas/rush/v5/command-line.schema.json",
-  "commands": [
-    {
-      "commandKind": "bulk",
-      "name": "format",
-      "summary": "Reformat source code in all projects",
-      "description": "Runs the `format` npm task in each project, if present.",
-      "safeForSimultaneousRushProcesses": false,
-      "enableParallelism": true,
-      "ignoreDependencyOrder": true,
-      "ignoreMissingScript": true,
-      "allowWarningsInSuccessfulBuild": false
-    }
-  ],
-  "parameters": [
-    {
-      "parameterKind": "flag",
-      "longName": "--release",
-      "shortName": "-r",
-      "description": "Perform a release build",
-      "associatedCommands": [
-        "build",
-        "rebuild"
-      ],
-    }
-  ]
-}

common/config/rush/common-versions.json

@@ -1,43 +0,0 @@
-/**
- * This configuration file specifies NPM dependency version selections that affect all projects
- * in a Rush repo.  For full documentation, please see https://rushjs.io
- */
-{
-  "$schema": "https://developer.microsoft.com/json-schemas/rush/v5/common-versions.schema.json",
-
-  /**
-   * A table that specifies a "preferred version" for a dependency package. The "preferred version"
-   * is typically used to hold an indirect dependency back to a specific version, however generally
-   * it can be any SemVer range specifier (e.g. "~1.2.3"), and it will narrow any (compatible)
-   * SemVer range specifier.  See the Rush documentation for details about this feature.
-   */
-  "preferredVersions": {
-
-    /**
-     * When someone asks for "^1.0.0" make sure they get "1.2.3" when working in this repo,
-     * instead of the latest version.
-     */
-    // "some-library": "1.2.3"
-  },
-
-  /**
-   * The "rush check" command can be used to enforce that every project in the repo must specify
-   * the same SemVer range for a given dependency.  However, sometimes exceptions are needed.
-   * The allowedAlternativeVersions table allows you to list other SemVer ranges that will be
-   * accepted by "rush check" for a given dependency.
-   *
-   * IMPORTANT: THIS TABLE IS FOR *ADDITIONAL* VERSION RANGES THAT ARE ALTERNATIVES TO THE
-   * USUAL VERSION (WHICH IS INFERRED BY LOOKING AT ALL PROJECTS IN THE REPO).
-   * This design avoids unnecessary churn in this file.
-   */
-   "allowedAlternativeVersions": {
-
-    /**
-     * For example, allow some projects to use an older TypeScript compiler
-     * (in addition to whatever "usual" version is being used by other projects in the repo):
-     */
-    // "typescript": [
-    //   "~2.4.0"
-    // ]
-  }
-}

common/config/rush/pnpmfile.js

@@ -1,32 +0,0 @@
-"use strict";
-
-/**
- * When using the PNPM package manager, you can use pnpmfile.js to workaround
- * dependencies that have mistakes in their package.json file.  (This feature is
- * functionally similar to Yarn's "resolutions".)
- *
- * For details, see the PNPM documentation:
- * https://pnpm.js.org/docs/en/hooks.html
- *
- * IMPORTANT: SINCE THIS FILE CONTAINS EXECUTABLE CODE, MODIFYING IT IS LIKELY
- * TO INVALIDATE ANY CACHED DEPENDENCY ANALYSIS.  We recommend to run "rush update --full"
- * after any modification to pnpmfile.js.
- *
- */
-module.exports = {
-  hooks: {
-    readPackage
-  }
-};
-
-/**
- * This hook is invoked during installation before a package's dependencies
- * are selected.
- * The `packageJson` parameter is the deserialized package.json
- * contents for the package that is about to be installed.
- * The `context` parameter provides a log() function.
- * The return value is the updated object.
- */
-function readPackage(packageJson, context) {
-  return packageJson;
-}

common/config/rush/version-policies.json

@@ -1,6 +0,0 @@
-/**
- * This is configuration file is used for advanced publishing configurations with Rush.
- * For full documentation, please see https://rushjs.io/pages/configs/version_policies_json/
- */
-
-[]

common/scripts/install-run-rush.js

@@ -1,52 +0,0 @@
-"use strict";
-// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
-// See the @microsoft/rush package's LICENSE file for license information.
-Object.defineProperty(exports, "__esModule", { value: true });
-// THIS FILE WAS GENERATED BY A TOOL. ANY MANUAL MODIFICATIONS WILL GET OVERWRITTEN WHENEVER RUSH IS UPGRADED.
-//
-// This script is intended for usage in an automated build environment where the Rush command may not have
-// been preinstalled, or may have an unpredictable version.  This script will automatically install the version of Rush
-// specified in the rush.json configuration file (if not already installed), and then pass a command-line to it.
-// An example usage would be:
-//
-//    node common/scripts/install-run-rush.js install
-//
-// For more information, see: https://rushjs.io/pages/maintainer/setup_new_repo/
-const path = require("path");
-const fs = require("fs");
-const install_run_1 = require("./install-run");
-const PACKAGE_NAME = '@microsoft/rush';
-function getRushVersion() {
-    const rushJsonFolder = install_run_1.findRushJsonFolder();
-    const rushJsonPath = path.join(rushJsonFolder, install_run_1.RUSH_JSON_FILENAME);
-    try {
-        const rushJsonContents = fs.readFileSync(rushJsonPath, 'utf-8');
-        // Use a regular expression to parse out the rushVersion value because rush.json supports comments,
-        // but JSON.parse does not and we don't want to pull in more dependencies than we need to in this script.
-        const rushJsonMatches = rushJsonContents.match(/\"rushVersion\"\s*\:\s*\"([0-9a-zA-Z.+\-]+)\"/);
-        return rushJsonMatches[1];
-    }
-    catch (e) {
-        throw new Error(`Unable to determine the required version of Rush from rush.json (${rushJsonFolder}). ` +
-            'The \'rushVersion\' field is either not assigned in rush.json or was specified ' +
-            'using an unexpected syntax.');
-    }
-}
-function run() {
-    const [nodePath, /* Ex: /bin/node */ scriptPath, /* /repo/common/scripts/install-run-rush.js */ ...packageBinArgs /* [build, --to, myproject] */] = process.argv;
-    if (!nodePath || !scriptPath) {
-        throw new Error('Unexpected exception: could not detect node path or script path');
-    }
-    if (process.argv.length < 3) {
-        console.log('Usage: install-run-rush.js <command> [args...]');
-        console.log('Example: install-run-rush.js build --to myproject');
-        process.exit(1);
-    }
-    install_run_1.runWithErrorAndStatusCode(() => {
-        const version = getRushVersion();
-        console.log(`The rush.json configuration requests Rush version ${version}`);
-        return install_run_1.installAndRun(PACKAGE_NAME, version, 'rush', packageBinArgs);
-    });
-}
-run();
-//# sourceMappingURL=install-run-rush.js.map

common/scripts/install-run.js

@@ -1,399 +0,0 @@
-"use strict";
-// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT license.
-// See the @microsoft/rush package's LICENSE file for license information.
-Object.defineProperty(exports, "__esModule", { value: true });
-// THIS FILE WAS GENERATED BY A TOOL. ANY MANUAL MODIFICATIONS WILL GET OVERWRITTEN WHENEVER RUSH IS UPGRADED.
-//
-// This script is intended for usage in an automated build environment where a Node tool may not have
-// been preinstalled, or may have an unpredictable version.  This script will automatically install the specified
-// version of the specified tool (if not already installed), and then pass a command-line to it.
-// An example usage would be:
-//
-//    node common/scripts/install-run.js qrcode@1.2.2 qrcode https://rushjs.io
-//
-// For more information, see: https://rushjs.io/pages/maintainer/setup_new_repo/
-const childProcess = require("child_process");
-const fs = require("fs");
-const os = require("os");
-const path = require("path");
-exports.RUSH_JSON_FILENAME = 'rush.json';
-const INSTALLED_FLAG_FILENAME = 'installed.flag';
-const NODE_MODULES_FOLDER_NAME = 'node_modules';
-const PACKAGE_JSON_FILENAME = 'package.json';
-/**
- * Parse a package specifier (in the form of name\@version) into name and version parts.
- */
-function parsePackageSpecifier(rawPackageSpecifier) {
-    rawPackageSpecifier = (rawPackageSpecifier || '').trim();
-    const separatorIndex = rawPackageSpecifier.lastIndexOf('@');
-    let name;
-    let version = undefined;
-    if (separatorIndex === 0) {
-        // The specifier starts with a scope and doesn't have a version specified
-        name = rawPackageSpecifier;
-    }
-    else if (separatorIndex === -1) {
-        // The specifier doesn't have a version
-        name = rawPackageSpecifier;
-    }
-    else {
-        name = rawPackageSpecifier.substring(0, separatorIndex);
-        version = rawPackageSpecifier.substring(separatorIndex + 1);
-    }
-    if (!name) {
-        throw new Error(`Invalid package specifier: ${rawPackageSpecifier}`);
-    }
-    return { name, version };
-}
-/**
- * Resolve a package specifier to a static version
- */
-function resolvePackageVersion(rushCommonFolder, { name, version }) {
-    if (!version) {
-        version = '*'; // If no version is specified, use the latest version
-    }
-    if (version.match(/^[a-zA-Z0-9\-\+\.]+$/)) {
-        // If the version contains only characters that we recognize to be used in static version specifiers,
-        // pass the version through
-        return version;
-    }
-    else {
-        // version resolves to
-        try {
-            const rushTempFolder = ensureAndJoinPath(rushCommonFolder, 'temp');
-            const sourceNpmrcFolder = path.join(rushCommonFolder, 'config', 'rush');
-            syncNpmrc(sourceNpmrcFolder, rushTempFolder);
-            const npmPath = getNpmPath();
-            // This returns something that looks like:
-            //  @microsoft/rush@3.0.0 '3.0.0'
-            //  @microsoft/rush@3.0.1 '3.0.1'
-            //  ...
-            //  @microsoft/rush@3.0.20 '3.0.20'
-            //  <blank line>
-            const npmVersionSpawnResult = childProcess.spawnSync(npmPath, ['view', `${name}@${version}`, 'version', '--no-update-notifier'], {
-                cwd: rushTempFolder,
-                stdio: []
-            });
-            if (npmVersionSpawnResult.status !== 0) {
-                throw new Error(`"npm view" returned error code ${npmVersionSpawnResult.status}`);
-            }
-            const npmViewVersionOutput = npmVersionSpawnResult.stdout.toString();
-            const versionLines = npmViewVersionOutput.split('\n').filter((line) => !!line);
-            const latestVersion = versionLines[versionLines.length - 1];
-            if (!latestVersion) {
-                throw new Error('No versions found for the specified version range.');
-            }
-            const versionMatches = latestVersion.match(/^.+\s\'(.+)\'$/);
-            if (!versionMatches) {
-                throw new Error(`Invalid npm output ${latestVersion}`);
-            }
-            return versionMatches[1];
-        }
-        catch (e) {
-            throw new Error(`Unable to resolve version ${version} of package ${name}: ${e}`);
-        }
-    }
-}
-let _npmPath = undefined;
-/**
- * Get the absolute path to the npm executable
- */
-function getNpmPath() {
-    if (!_npmPath) {
-        try {
-            if (os.platform() === 'win32') {
-                // We're on Windows
-                const whereOutput = childProcess.execSync('where npm', { stdio: [] }).toString();
-                const lines = whereOutput.split(os.EOL).filter((line) => !!line);
-                // take the last result, we are looking for a .cmd command
-                // see https://github.com/Microsoft/web-build-tools/issues/759
-                _npmPath = lines[lines.length - 1];
-            }
-            else {
-                // We aren't on Windows - assume we're on *NIX or Darwin
-                _npmPath = childProcess.execSync('which npm', { stdio: [] }).toString();
-            }
-        }
-        catch (e) {
-            throw new Error(`Unable to determine the path to the NPM tool: ${e}`);
-        }
-        _npmPath = _npmPath.trim();
-        if (!fs.existsSync(_npmPath)) {
-            throw new Error('The NPM executable does not exist');
-        }
-    }
-    return _npmPath;
-}
-exports.getNpmPath = getNpmPath;
-let _rushJsonFolder;
-/**
- * Find the absolute path to the folder containing rush.json
- */
-function findRushJsonFolder() {
-    if (!_rushJsonFolder) {
-        let basePath = __dirname;
-        let tempPath = __dirname;
-        do {
-            const testRushJsonPath = path.join(basePath, exports.RUSH_JSON_FILENAME);
-            if (fs.existsSync(testRushJsonPath)) {
-                _rushJsonFolder = basePath;
-                break;
-            }
-            else {
-                basePath = tempPath;
-            }
-        } while (basePath !== (tempPath = path.dirname(basePath))); // Exit the loop when we hit the disk root
-        if (!_rushJsonFolder) {
-            throw new Error('Unable to find rush.json.');
-        }
-    }
-    return _rushJsonFolder;
-}
-exports.findRushJsonFolder = findRushJsonFolder;
-/**
- * Create missing directories under the specified base directory, and return the resolved directory.
- *
- * Does not support "." or ".." path segments.
- * Assumes the baseFolder exists.
- */
-function ensureAndJoinPath(baseFolder, ...pathSegments) {
-    let joinedPath = baseFolder;
-    try {
-        for (let pathSegment of pathSegments) {
-            pathSegment = pathSegment.replace(/[\\\/]/g, '+');
-            joinedPath = path.join(joinedPath, pathSegment);
-            if (!fs.existsSync(joinedPath)) {
-                fs.mkdirSync(joinedPath);
-            }
-        }
-    }
-    catch (e) {
-        throw new Error(`Error building local installation folder (${path.join(baseFolder, ...pathSegments)}): ${e}`);
-    }
-    return joinedPath;
-}
-/**
- * As a workaround, _syncNpmrc() copies the .npmrc file to the target folder, and also trims
- * unusable lines from the .npmrc file.  If the source .npmrc file not exist, then _syncNpmrc()
- * will delete an .npmrc that is found in the target folder.
- *
- * Why are we trimming the .npmrc lines?  NPM allows environment variables to be specified in
- * the .npmrc file to provide different authentication tokens for different registry.
- * However, if the environment variable is undefined, it expands to an empty string, which
- * produces a valid-looking mapping with an invalid URL that causes an error.  Instead,
- * we'd prefer to skip that line and continue looking in other places such as the user's
- * home directory.
- *
- * IMPORTANT: THIS CODE SHOULD BE KEPT UP TO DATE WITH Utilities._syncNpmrc()
- */
-function syncNpmrc(sourceNpmrcFolder, targetNpmrcFolder) {
-    const sourceNpmrcPath = path.join(sourceNpmrcFolder, '.npmrc');
-    const targetNpmrcPath = path.join(targetNpmrcFolder, '.npmrc');
-    try {
-        if (fs.existsSync(sourceNpmrcPath)) {
-            let npmrcFileLines = fs.readFileSync(sourceNpmrcPath).toString().split('\n');
-            npmrcFileLines = npmrcFileLines.map((line) => (line || '').trim());
-            const resultLines = [];
-            // Trim out lines that reference environment variables that aren't defined
-            for (const line of npmrcFileLines) {
-                // This finds environment variable tokens that look like "${VAR_NAME}"
-                const regex = /\$\{([^\}]+)\}/g;
-                const environmentVariables = line.match(regex);
-                let lineShouldBeTrimmed = false;
-                if (environmentVariables) {
-                    for (const token of environmentVariables) {
-                        // Remove the leading "${" and the trailing "}" from the token
-                        const environmentVariableName = token.substring(2, token.length - 1);
-                        if (!process.env[environmentVariableName]) {
-                            lineShouldBeTrimmed = true;
-                            break;
-                        }
-                    }
-                }
-                if (lineShouldBeTrimmed) {
-                    // Example output:
-                    // "; MISSING ENVIRONMENT VARIABLE: //my-registry.com/npm/:_authToken=${MY_AUTH_TOKEN}"
-                    resultLines.push('; MISSING ENVIRONMENT VARIABLE: ' + line);
-                }
-                else {
-                    resultLines.push(line);
-                }
-            }
-            fs.writeFileSync(targetNpmrcPath, resultLines.join(os.EOL));
-        }
-        else if (fs.existsSync(targetNpmrcPath)) {
-            // If the source .npmrc doesn't exist and there is one in the target, delete the one in the target
-            fs.unlinkSync(targetNpmrcPath);
-        }
-    }
-    catch (e) {
-        throw new Error(`Error syncing .npmrc file: ${e}`);
-    }
-}
-/**
- * Detects if the package in the specified directory is installed
- */
-function isPackageAlreadyInstalled(packageInstallFolder) {
-    try {
-        const flagFilePath = path.join(packageInstallFolder, INSTALLED_FLAG_FILENAME);
-        if (!fs.existsSync(flagFilePath)) {
-            return false;
-        }
-        const fileContents = fs.readFileSync(flagFilePath).toString();
-        return fileContents.trim() === process.version;
-    }
-    catch (e) {
-        return false;
-    }
-}
-/**
- * Removes the following files and directories under the specified folder path:
- *  - installed.flag
- *  -
- *  - node_modules
- */
-function cleanInstallFolder(rushCommonFolder, packageInstallFolder) {
-    try {
-        const flagFile = path.resolve(packageInstallFolder, INSTALLED_FLAG_FILENAME);
-        if (fs.existsSync(flagFile)) {
-            fs.unlinkSync(flagFile);
-        }
-        const packageLockFile = path.resolve(packageInstallFolder, 'package-lock.json');
-        if (fs.existsSync(packageLockFile)) {
-            fs.unlinkSync(packageLockFile);
-        }
-        const nodeModulesFolder = path.resolve(packageInstallFolder, NODE_MODULES_FOLDER_NAME);
-        if (fs.existsSync(nodeModulesFolder)) {
-            const rushRecyclerFolder = ensureAndJoinPath(rushCommonFolder, 'temp', 'rush-recycler', `install-run-${Date.now().toString()}`);
-            fs.renameSync(nodeModulesFolder, rushRecyclerFolder);
-        }
-    }
-    catch (e) {
-        throw new Error(`Error cleaning the package install folder (${packageInstallFolder}): ${e}`);
-    }
-}
-function createPackageJson(packageInstallFolder, name, version) {
-    try {
-        const packageJsonContents = {
-            'name': 'ci-rush',
-            'version': '0.0.0',
-            'dependencies': {
-                [name]: version
-            },
-            'description': 'DON\'T WARN',
-            'repository': 'DON\'T WARN',
-            'license': 'MIT'
-        };
-        const packageJsonPath = path.join(packageInstallFolder, PACKAGE_JSON_FILENAME);
-        fs.writeFileSync(packageJsonPath, JSON.stringify(packageJsonContents, undefined, 2));
-    }
-    catch (e) {
-        throw new Error(`Unable to create package.json: ${e}`);
-    }
-}
-/**
- * Run "npm install" in the package install folder.
- */
-function installPackage(packageInstallFolder, name, version) {
-    try {
-        console.log(`Installing ${name}...`);
-        const npmPath = getNpmPath();
-        const result = childProcess.spawnSync(npmPath, ['install'], {
-            stdio: 'inherit',
-            cwd: packageInstallFolder,
-            env: process.env
-        });
-        if (result.status !== 0) {
-            throw new Error('"npm install" encountered an error');
-        }
-        console.log(`Successfully installed ${name}@${version}`);
-    }
-    catch (e) {
-        throw new Error(`Unable to install package: ${e}`);
-    }
-}
-/**
- * Get the ".bin" path for the package.
- */
-function getBinPath(packageInstallFolder, binName) {
-    const binFolderPath = path.resolve(packageInstallFolder, NODE_MODULES_FOLDER_NAME, '.bin');
-    const resolvedBinName = (os.platform() === 'win32') ? `${binName}.cmd` : binName;
-    return path.resolve(binFolderPath, resolvedBinName);
-}
-/**
- * Write a flag file to the package's install directory, signifying that the install was successful.
- */
-function writeFlagFile(packageInstallFolder) {
-    try {
-        const flagFilePath = path.join(packageInstallFolder, INSTALLED_FLAG_FILENAME);
-        fs.writeFileSync(flagFilePath, process.version);
-    }
-    catch (e) {
-        throw new Error(`Unable to create installed.flag file in ${packageInstallFolder}`);
-    }
-}
-function installAndRun(packageName, packageVersion, packageBinName, packageBinArgs) {
-    const rushJsonFolder = findRushJsonFolder();
-    const rushCommonFolder = path.join(rushJsonFolder, 'common');
-    const packageInstallFolder = ensureAndJoinPath(rushCommonFolder, 'temp', 'install-run', `${packageName}@${packageVersion}`);
-    if (!isPackageAlreadyInstalled(packageInstallFolder)) {
-        // The package isn't already installed
-        cleanInstallFolder(rushCommonFolder, packageInstallFolder);
-        const sourceNpmrcFolder = path.join(rushCommonFolder, 'config', 'rush');
-        syncNpmrc(sourceNpmrcFolder, packageInstallFolder);
-        createPackageJson(packageInstallFolder, packageName, packageVersion);
-        installPackage(packageInstallFolder, packageName, packageVersion);
-        writeFlagFile(packageInstallFolder);
-    }
-    const statusMessage = `Invoking "${packageBinName} ${packageBinArgs.join(' ')}"`;
-    const statusMessageLine = new Array(statusMessage.length + 1).join('-');
-    console.log(os.EOL + statusMessage + os.EOL + statusMessageLine + os.EOL);
-    const binPath = getBinPath(packageInstallFolder, packageBinName);
-    const result = childProcess.spawnSync(binPath, packageBinArgs, {
-        stdio: 'inherit',
-        cwd: process.cwd(),
-        env: process.env
-    });
-    return result.status;
-}
-exports.installAndRun = installAndRun;
-function runWithErrorAndStatusCode(fn) {
-    process.exitCode = 1;
-    try {
-        const exitCode = fn();
-        process.exitCode = exitCode;
-    }
-    catch (e) {
-        console.error(os.EOL + os.EOL + e.toString() + os.EOL + os.EOL);
-    }
-}
-exports.runWithErrorAndStatusCode = runWithErrorAndStatusCode;
-function run() {
-    const [nodePath, /* Ex: /bin/node */ scriptPath, /* /repo/common/scripts/install-run-rush.js */ rawPackageSpecifier, /* qrcode@^1.2.0 */ packageBinName, /* qrcode */ ...packageBinArgs /* [-f, myproject/lib] */] = process.argv;
-    if (!nodePath) {
-        throw new Error('Unexpected exception: could not detect node path');
-    }
-    if (path.basename(scriptPath).toLowerCase() !== 'install-run.js') {
-        // If install-run.js wasn't directly invoked, don't execute the rest of this function. Return control
-        // to the script that (presumably) imported this file
-        return;
-    }
-    if (process.argv.length < 4) {
-        console.log('Usage: install-run.js <package>@<version> <command> [args...]');
-        console.log('Example: install-run.js qrcode@1.2.2 qrcode https://rushjs.io');
-        process.exit(1);
-    }
-    runWithErrorAndStatusCode(() => {
-        const rushJsonFolder = findRushJsonFolder();
-        const rushCommonFolder = ensureAndJoinPath(rushJsonFolder, 'common');
-        const packageSpecifier = parsePackageSpecifier(rawPackageSpecifier);
-        const name = packageSpecifier.name;
-        const version = resolvePackageVersion(rushCommonFolder, packageSpecifier);
-        if (packageSpecifier.version !== version) {
-            console.log(`Resolved to ${name}@${version}`);
-        }
-        return installAndRun(name, version, packageBinName, packageBinArgs);
-    });
-}
-run();
-//# sourceMappingURL=install-run.js.map

configs/typescript-config/extension.tsconfig.json

@@ -1,8 +0,0 @@
-{
-  "$schema": "http://json.schemastore.org/tsconfig",
-  "extends": "./common.tsconfig.json",
-  "compilerOptions": {
-    "declaration": false,
-    "strict": true
-  }
-}

configs/typescript-config/lib.tsconfig.json

@@ -1,4 +0,0 @@
-{
-  "$schema": "http://json.schemastore.org/tsconfig",
-  "extends": "./common.tsconfig.json"
-}

configs/typescript-config/package.json

@@ -1,18 +0,0 @@
-{
-  "name": "typescript-config",
-  "description": "TypeScript configurations",
-  "author": "GitHub",
-  "private": true,
-  "version": "0.0.1",
-  "publisher": "GitHub",
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/github/vscode-codeql"
-  },
-  "scripts": {
-    "build": "",
-    "format": ""
-  },
-  "devDependencies": {},
-  "dependencies": {}
-}

extensions/ql-vscode/.eslintrc.js

@@ -0,0 +1,37 @@
+module.exports = {
+  parser: "@typescript-eslint/parser",
+  parserOptions: {
+    ecmaVersion: 2018,
+    sourceType: "module",
+    project: ["tsconfig.json", "./src/**/tsconfig.json", "./gulpfile.ts/tsconfig.json"],
+  },
+  plugins: ["@typescript-eslint"],
+  env: {
+    node: true,
+    es6: true,
+  },
+  extends: ["eslint:recommended", "plugin:@typescript-eslint/recommended"],
+  rules: {
+    "@typescript-eslint/no-use-before-define": 0,
+    "@typescript-eslint/no-unused-vars": [
+      "warn",
+      {
+        vars: "all",
+        args: "none",
+        ignoreRestSiblings: false,
+      },
+    ],
+    "@typescript-eslint/explicit-function-return-type": "off",
+    "@typescript-eslint/explicit-module-boundary-types": "off",
+    "@typescript-eslint/no-non-null-assertion": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-floating-promises": [ "error", { ignoreVoid: true } ],
+    "prefer-const": ["warn", { destructuring: "all" }],
+    indent: "off",
+    "@typescript-eslint/indent": "off",
+    "@typescript-eslint/no-throw-literal": "error",
+    "no-useless-escape": 0,
+    semi: 2,
+    quotes: ["warn", "single"]
+  },
+};

extensions/ql-vscode/CHANGELOG.md

@@ -0,0 +1,319 @@
+# CodeQL for Visual Studio Code: Changelog
+
+## 1.5.6 - 07 October 2021
+
+- Add progress messages to LGTM download option. This makes the two-step process (selecting a project, then selecting a language) more clear. [#960](https://github.com/github/vscode-codeql/pull/960)
+- Remove line about selecting a language from the dropdown when downloading database from LGTM. This makes the download progress visible when the popup is not expanded. [#957](https://github.com/github/vscode-codeql/pull/957)
+- Fix a bug where copying the version information fails when a CodeQL CLI cannot be found. [#958](https://github.com/github/vscode-codeql/pull/958)
+- Avoid a race condition when deleting databases that can cause occasional errors. [#959](https://github.com/github/vscode-codeql/pull/959)
+- Update CodeQL logos. [#965](https://github.com/github/vscode-codeql/pull/965)
+
+## 1.5.5 - 08 September 2021
+
+- Fix bug where a query is sometimes run before the file is saved. [#947](https://github.com/github/vscode-codeql/pull/947)
+- Fix broken contextual queries, including _View AST_. [#949](https://github.com/github/vscode-codeql/pull/949)
+
+## 1.5.4 - 02 September 2021
+
+- Add support for filename pattern in history view. [#930](https://github.com/github/vscode-codeql/pull/930)
+- Add an option _View Results (CSV)_ to view the results of a non-alert query. The existing options for alert queries have been renamed to _View Alerts_ to avoid confusion. [#929](https://github.com/github/vscode-codeql/pull/929)
+- Allow users to specify the number of paths to display for each alert. [#931](https://github.com/github/vscode-codeql/pull/931)
+- Adjust pagination controls in _CodeQL Query Results_ to always be visible [#936](https://github.com/github/vscode-codeql/pull/936)
+- Fix bug where _View AST_ fails due to recent refactoring in the standard library and query packs. [#939](https://github.com/github/vscode-codeql/pull/939)
+
+## 1.5.3 - 18 August 2021
+
+- Add a command _CodeQL: Run Query on Multiple Databases_, which lets users select multiple databases to run a query on. [#898](https://github.com/github/vscode-codeql/pull/898)
+- Autodetect what language a query targets. This refines the _CodeQL: Run Query on Multiple Databases_ command to only show relevant databases. [#915](https://github.com/github/vscode-codeql/pull/915)
+- Adjust test log output to display diffs only when comparing failed test results with expected test results. [#920](https://github.com/github/vscode-codeql/pull/920)
+
+## 1.5.2 - 13 July 2021
+
+- Add the _Add Database Source to Workspace_ command to the right-click context menu in the databases view. This lets users re-add a database's source folder to the workspace and browse the source code. [#891](https://github.com/github/vscode-codeql/pull/891)
+- Fix markdown rendering in the description of the `codeQL.cli.executablePath` setting. [#908](https://github.com/github/vscode-codeql/pull/908)
+- Fix the _Open Query Results_ command in the query history view. [#909](https://github.com/github/vscode-codeql/pull/909)
+
+## 1.5.1 - 23 June 2021
+
+No user facing changes.
+
+## 1.5.0 - 14 June 2021
+
+- Display CodeQL CLI version being downloaded during an upgrade. [#862](https://github.com/github/vscode-codeql/pull/862)
+- Display a helpful message and link to documentation when a query produces no results. [#866](https://github.com/github/vscode-codeql/pull/866)
+- Refresh test databases automatically after a test run. [#868](https://github.com/github/vscode-codeql/pull/868)
+- Allow users to specify a custom directory for storing query server logs (`codeQL.runningQueries.customLogDirectory`). The extension will not delete these logs automatically. [#863](https://github.com/github/vscode-codeql/pull/863)
+- Support the VS Code [Workspace Trust feature](https://code.visualstudio.com/docs/editor/workspace-trust). This extension is now enabled in untrusted workspaces, but it restricts commands that contain arbitrary paths. [#861](https://github.com/github/vscode-codeql/pull/861)
+- Allow the `codeQL.cli.executablePath` configuration setting to be set in workspace-scoped configuration files. This means that each workspace can now specify its own CodeQL CLI compiler, a feature that is unblocked due to implementing Workspace Trust. [#861](https://github.com/github/vscode-codeql/pull/861)
+
+## 1.4.8 - 05 May 2021
+
+- Copy version information to the clipboard when a user clicks the CodeQL section of the status bar. [#845](https://github.com/github/vscode-codeql/pull/845)
+- Ensure changes in directories that contain tests will be properly updated in the test explorer. [#846](https://github.com/github/vscode-codeql/pull/846)
+- Remind users to choose a language when downloading a database from LGTM. [#852](https://github.com/github/vscode-codeql/pull/852)
+
+## 1.4.7 - 23 April 2021
+
+- Fix a bug that prevented the results view from being loaded. [#842](https://github.com/github/vscode-codeql/pull/842)
+
+## 1.4.6 - 21 April 2021
+
+- Avoid showing an error popup when running a query with `@kind table` metadata. [#814](https://github.com/github/vscode-codeql/pull/814)
+- Add an option to jump from a .qlref file to the .ql file it references. [#815](https://github.com/github/vscode-codeql/pull/815)
+- Avoid opening the results panel when a database is deleted. [#831](https://github.com/github/vscode-codeql/pull/831)
+- Forward all query metadata to the CLI when interpreting results. [#838](https://github.com/github/vscode-codeql/pull/838)
+
+## 1.4.5 - 22 March 2021
+
+- Avoid showing an error popup when user runs a query without `@kind` metadata. [#801](https://github.com/github/vscode-codeql/pull/801)
+- Fix running of tests when the `ms-python` extension is installed. [#803](https://github.com/github/vscode-codeql/pull/803)
+
+## 1.4.4 - 19 March 2021
+
+- Introduce evaluator options for saving intermediate results to the disk cache (`codeQL.runningQueries.saveCache`) and for limiting the size of this cache (`codeQL.runningQueries.cacheSize`). [#778](https://github.com/github/vscode-codeql/pull/778)
+- Respect the `codeQL.runningQueries.numberOfThreads` setting when creating SARIF files during result interpretation. [#771](https://github.com/github/vscode-codeql/pull/771)
+- Allow using raw LGTM project slugs for fetching LGTM databases. [#769](https://github.com/github/vscode-codeql/pull/769)
+- Better error messages when BQRS interpretation fails to produce SARIF. [#770](https://github.com/github/vscode-codeql/pull/770)
+- Implement sorting of the query history view by name, date, and results count. [#777](https://github.com/github/vscode-codeql/pull/777)
+- Add a configuration option to pass additional arguments to the CLI when running tests. [#785](https://github.com/github/vscode-codeql/pull/785)
+- Introduce option to view query results as CSV. [#784](https://github.com/github/vscode-codeql/pull/784)
+- Add some snippets for commonly used QL statements. [#782](https://github.com/github/vscode-codeql/pull/782)
+- More descriptive error messages on QL test failures. [#788](https://github.com/github/vscode-codeql/pull/788)
+
+## 1.4.3 - 22 February 2021
+
+- Avoid displaying an error when removing orphaned databases and the storage folder does not exist. [#748](https://github.com/github/vscode-codeql/pull/748)
+- Add better error messages when AST Viewer is unable to create an AST. [#753](https://github.com/github/vscode-codeql/pull/753)
+- Cache AST viewing operations so that subsequent calls to view the AST of a single file will be extremely fast. [#753](https://github.com/github/vscode-codeql/pull/753)
+- Ensure CodeQL version in status bar updates correctly when version changes. [#754](https://github.com/github/vscode-codeql/pull/754)
+- Avoid deleting the quick query file when it is re-opened. [#747](https://github.com/github/vscode-codeql/pull/747)
+
+## 1.4.2 - 2 February 2021
+
+- Add a status bar item for the CodeQL CLI to show the current version. [#741](https://github.com/github/vscode-codeql/pull/741)
+- Fix version constraint for flagging CLI support of non-destructive updates. [#744](https://github.com/github/vscode-codeql/pull/744)
+- Add a _More Information_ button in the telemetry popup that opens the [telemetry documentation](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code) in a browser tab. [#742](https://github.com/github/vscode-codeql/pull/742)
+
+## 1.4.1 - 29 January 2021
+
+- Reword the telemetry modal dialog box. [#738](https://github.com/github/vscode-codeql/pull/738)
+
+## 1.4.0 - 29 January 2021
+
+- Fix bug where databases are not reregistered when the query server restarts. [#734](https://github.com/github/vscode-codeql/pull/734)
+- Fix bug where upgrade requests were erroneously being marked as failed. [#734](https://github.com/github/vscode-codeql/pull/734)
+- On a strictly opt-in basis, collect anonymized usage data from the VS Code extension, helping improve CodeQL's usability and performance. See the [telemetry documentation](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code) for more information on exactly what data is collected and what it is used for. [#611](https://github.com/github/vscode-codeql/pull/611)
+
+## 1.3.10 - 20 January 2021
+
+- Include the full stack in error log messages to help with debugging. [#726](https://github.com/github/vscode-codeql/pull/726)
+
+## 1.3.9 - 12 January 2021
+
+- No changes visible to end users.
+
+## 1.3.8 - 17 December 2020
+
+- Ensure databases are unlocked when removing them from the workspace. This will ensure that after a database is removed from VS Code, queries can be run on it from the command line without restarting the IDE. Requires CodeQL CLI 2.4.1 or later. [#681](https://github.com/github/vscode-codeql/pull/681)
+- Fix bug when removing databases where sometimes the source folder would not also be removed from the workspace or the database files would not be deleted from the workspace storage location. [#692](https://github.com/github/vscode-codeql/pull/692)
+- Query results with no string representation will now be displayed with placeholder text in query results. Previously, they were omitted. [#694](https://github.com/github/vscode-codeql/pull/694)
+- Add a label for the language of a database in the databases view. This will only take effect for new databases created with the CodeQL CLI v2.4.1 or later. [#697](https://github.com/github/vscode-codeql/pull/697)
+- Add clearer error message when running a query using a missing or invalid qlpack. [#702](https://github.com/github/vscode-codeql/pull/702)
+- Add clearer error message when trying to run a command from the query history view if no item in the history is selected. [#702](https://github.com/github/vscode-codeql/pull/702)
+- Fix a bug where it is not possible to download some database archives. This fix specifically addresses large archives and archives whose central directories do not align with file headers. [#700](https://github.com/github/vscode-codeql/pull/700)
+- Avoid error dialogs when QL test discovery or database cleanup encounters a missing directory. [#706](https://github.com/github/vscode-codeql/pull/706)
+- Add descriptive text and a link in the results view. [#711](https://github.com/github/vscode-codeql/pull/711)
+- Fix the _Set Label_ command in the query history view. [#710](https://github.com/github/vscode-codeql/pull/710)
+- Add the _CodeQL: View AST_ command to the right-click context menu when a source file in a database source archive is open in the editor. [#712](https://github.com/github/vscode-codeql/pull/712)
+
+## 1.3.7 - 24 November 2020
+
+- Editors opened by navigating from the results view are no longer opened in _preview mode_. Now they are opened as a persistent editor. [#630](https://github.com/github/vscode-codeql/pull/630)
+- When comparing the results of a failed QL test run and the `.expected` file does not exist, an empty `.expected` file is created and compared against the `.actual` file. [#669](https://github.com/github/vscode-codeql/pull/669)
+- Alter structure of the _Test Explorer_ tree. It now follows the structure of the filesystem instead of the QL Packs. [#624](https://github.com/github/vscode-codeql/pull/624)
+- Alter structure of the _Test Explorer_ tree. It now follows the structure of the filesystem instead of the QL Packs. [#624](https://github.com/github/vscode-codeql/pull/624)
+- Add more structured output for tests. [#626](https://github.com/github/vscode-codeql/pull/626)
+- Whenever the extension restarts, orphaned databases will be cleaned up. These are databases whose files are located inside of the extension's storage area, but are not imported into the workspace.
+- After renaming a database, the database list is re-sorted. [#685](https://github.com/github/vscode-codeql/pull/685)
+- Add a `codeQl.resultsDisplay.pageSize` setting to configure the number of results displayed in a single results view page. Increase the default page size from 100 to 200. [#686](https://github.com/github/vscode-codeql/pull/686)
+- Update the AST Viewer to include edge labels (if available) in addition to the target node labels. So far, only C/C++ databases take advantage of this change. [#688](https://github.com/github/vscode-codeql/pull/688)
+
+## 1.3.6 - 4 November 2020
+
+- Fix URI encoding for databases that were created with special characters in their paths. [#648](https://github.com/github/vscode-codeql/pull/648)
+- Disable CodeQL Test commands from the command palette [#667](https://github.com/github/vscode-codeql/pull/667)
+- Fix display of booleans in results view. [#657](https://github.com/github/vscode-codeql/pull/657)
+- Avoid recursive selection changes in AST Viewer. [#668](https://github.com/github/vscode-codeql/pull/668)
+
+## 1.3.5 - 27 October 2020
+
+- Fix a bug where archived source folders for databases were not showing any contents.
+- Fix URI encoding for databases that were created with special characters in their paths.
+
+## 1.3.4 - 22 October 2020
+
+- Add friendly welcome message when the databases view is empty.
+- Add open query, open results, and remove query commands in the query history view title bar.
+- The maximum number of simultaneous queries launchable by the `CodeQL: Run Queries in Selected Files` command is now configurable by changing the `codeQL.runningQueries.maxQueries` setting.
+- Allow simultaneously run queries to be canceled in a single-click.
+- Prevent multiple upgrade dialogs from appearing when running simultaneous queries on upgradeable databases.
+- Fix sorting of results. Some pages of results would have the wrong sort order and columns.
+- Remember previous sort order when reloading query results.
+- Fix proper escaping of backslashes in SARIF message strings.
+- Allow setting `codeQL.runningQueries.numberOfThreads` and `codeQL.runningTests.numberOfThreads` to 0, (which is interpreted as 'use one thread per core on the machine').
+- Clear the problems view of all CodeQL query results when a database is removed.
+- Add a `View DIL` command on query history items. This opens a text editor containing the Datalog Intermediary Language representation of the compiled query.
+- Remove feature flag for the AST Viewer. For more information on how to use the AST Viewer, [see the documentation](https://help.semmle.com/codeql/codeql-for-vscode/procedures/exploring-the-structure-of-your-source-code.html).
+- The `codeQL.runningTests.numberOfThreads` setting is now used correctly when running tests.
+- Alter structure of the _Test Explorer_ tree. It now follows the structure of the filesystem instead of the qlpacks.
+- Ensure output of CodeQL test runs includes compilation error messages and test failure messages.
+
+## 1.3.3 - 16 September 2020
+
+- Fix display of raw results entities with label but no url.
+- Fix bug where sort order is forgotten when changing raw results page.
+- Avoid showing a location link in results view when a result item has an empty location.
+
+## 1.3.2 - 12 August 2020
+
+- Fix error with choosing qlpack search path.
+- Fix pagination when there are no results.
+- Suppress database downloaded from URL message when action canceled.
+- Fix QL test discovery to avoid showing duplicate tests in the test explorer.
+- Enable pagination of query results
+- Add experimental AST Viewer for Go and C++. To enable, add `"codeQL.experimentalAstViewer": true` to the user settings file.
+
+## 1.3.1 - 7 July 2020
+
+- Fix unzipping of large files.
+- Ensure compare order is consistent when selecting two queries to compare. The first query selected is always the _from_ query and the query selected later is always the _to_ query.
+- Ensure added databases have zipped source locations for databases added as archives or downloaded from the internet.
+- Fix bug where it is not possible to add databases starting with `db-*`.
+- Change styling of pagination section of the results page.
+- Fix display of query text for stored quick queries.
+
+## 1.3.0 - 22 June 2020
+
+- Report error when selecting invalid database.
+- Add descriptive message for database archive import failure.
+- Respect VS Code's i18n locale setting when formatting dates and sorting strings.
+- Allow the opening of large SARIF files externally from VS Code.
+- Add new 'CodeQL: Compare Query' command that shows the differences between two queries.
+- Allow multiple items in the query history view to be removed in one operation.
+- Allow multiple items in the databases view to be removed in one operation.
+- Allow multiple items in the databases view to be upgraded in one operation.
+- Allow multiple items in the databases view to have their external folders opened.
+- Allow all selected queries to be run in one command from the file explorer.
+
+## 1.2.2 - 8 June 2020
+
+- Fix auto-indentation rules.
+- Add ability to download platform-specific releases of the CodeQL CLI if they are available.
+- Fix handling of downloading prerelease versions of the CodeQL CLI.
+- Add pagination for displaying non-interpreted results.
+
+## 1.2.1 - 29 May 2020
+
+- Better formatting and autoindentation when adding QLDoc comments to `.ql` and `.qll` files.
+- Allow for more flexibility when opening a database in the workspace. A user can now choose the actual database folder, or the nested `db-*` folder.
+- Add query history menu command for viewing corresponding SARIF file.
+- Add ability for users to download databases directly from LGTM.com.
+
+## 1.2.0 - 19 May 2020
+
+- Enable 'Go to Definition' and 'Go to References' on source archive
+  files in CodeQL databases. This is handled by a CodeQL query.
+- Fix adding database archive files on Windows.
+- Enable adding remote and local database archive files from the
+  command palette.
+
+## 1.1.5 - 15 May 2020
+
+- Links in results are no longer underlined and monospaced.
+- Add the ability to choose a database either from an archive, a folder, or from the internet.
+- New icons for commands on the databases view.
+
+## 1.1.4 - 13 May 2020
+
+- Add the ability to download and install databases archives from the internet.
+
+## 1.1.3 - 8 May 2020
+
+- Add a suggestion in alerts view to view raw results, when there are
+  raw results but no alerts.
+- Add the ability to rename databases in the database view.
+- Add the ability to open the directory in the filesystem
+  of a database.
+
+## 1.1.2 - 28 April 2020
+
+- Implement syntax highlighting for the new `unique` aggregate.
+- Implement XML syntax highlighting for `.qhelp` files.
+- Add option to auto save queries before running them.
+- Add new command in query history to view the query text of the
+  selected query (note that this may be different from the current
+  contents of the query file if the file has been edited).
+- Add ability to sort CodeQL databases by name or by date added.
+
+## 1.1.1 - 23 March 2020
+
+- Fix quick evaluation in `.qll` files.
+- Add new command in query history view to view the log file of a
+  query.
+- Request user acknowledgment before updating the CodeQL binaries.
+- Warn when using the deprecated `codeql.cmd` launcher on Windows.
+
+## 1.1.0 - 17 March 2020
+
+- Add functionality for testing custom CodeQL queries by using the VS
+  Code Test Explorer extension and `codeql test`. See the documentation for
+  more details.
+- Add a "Show log" button to all information, error, and warning
+  popups that will display the CodeQL extension log.
+- Display a message when a query times out.
+- Show canceled queries in query history.
+- Improve error messages when attempting to run non-query files.
+
+## 1.0.6 - 28 February 2020
+
+- Add command to restart query server.
+- Enable support for future minor upgrades to the CodeQL CLI.
+
+## 1.0.5 - 13 February 2020
+
+- Add an icon next to any failed query runs in the query history
+  view.
+- Add the ability to sort alerts by alert message.
+
+## 1.0.4 - 24 January 2020
+
+- Disable word-based autocomplete by default.
+- Add command `CodeQL: Quick Query` for easy query creation without
+  having to choose a place in the filesystem to store the query file.
+
+## 1.0.3 - 13 January 2020
+
+- Reduce the frequency of CodeQL CLI update checks to help avoid hitting GitHub API limits of 60 requests per
+  hour for unauthenticated IPs.
+- Fix sorting of result sets with names containing special characters.
+
+## 1.0.2 - 13 December 2019
+
+- Fix rendering of negative numbers in results.
+- Allow customization of query history labels from settings and from
+  query history view context menu.
+- Show number of results in results view.
+- Add commands `CodeQL: Show Next Step on Path` and `CodeQL: Show Previous Step on Path` for navigating the steps on the currently
+  shown path result.
+
+## 1.0.1 - 21 November 2019
+
+- Change `codeQL.cli.executablePath` to a per-machine setting, so it can no longer be set at the user or workspace level. This helps prevent arbitrary code execution when using a VS Code workspace from an untrusted source.
+- Improve the highlighting of the selected query result within the source code.
+- Improve the performance of switching between result tables in the CodeQL Query Results view.
+- Fix the automatic upgrading of CodeQL databases when using upgrade scripts from the workspace.
+- Allow removal of items from the CodeQL Query History view.
+
+## 1.0.0 - 14 November 2019
+
+Initial release of CodeQL for Visual Studio Code.

extensions/ql-vscode/README.md

@@ -1,29 +1,31 @@
 # CodeQL extension for Visual Studio Code
 
-This project is an extension for Visual Studio Code that adds rich language support for [CodeQL](https://help.semmle.com/codeql) and allows you to easily find problems in codebases. In particular, the extension:
+This project is an extension for Visual Studio Code that adds rich language support for [CodeQL](https://codeql.github.com/docs/) and allows you to easily find problems in codebases. In particular, the extension:
 
-* Enables you to use CodeQL to query databases generated from source code.
-* Shows the flow of data through the results of path queries, which is essential for triaging security results.
-* Provides an easy way to run queries from the large, open source repository of [CodeQL security queries](https://github.com/Semmle/ql).
-* Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
+- Enables you to use CodeQL to query databases generated from source code.
+- Shows the flow of data through the results of path queries, which is essential for triaging security results.
+- Provides an easy way to run queries from the large, open source repository of [CodeQL security queries](https://github.com/github/codeql).
+- Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
+
+To see what has changed in the last few versions of the extension, see the [Changelog](https://github.com/github/vscode-codeql/blob/main/extensions/ql-vscode/CHANGELOG.md).
 
 ## Quick start overview
 
 The information in this `README` file describes the quickest way to start using CodeQL.
-For information about other configurations, see the separate [CodeQL help](https://help.semmle.com/codeql/codeql-for-vscode.html).
+For information about other configurations, see the separate [CodeQL help](https://codeql.github.com/docs/codeql-for-visual-studio-code/).
 
-**Quick start: Installing and configuring the extension**
+### Quick start: Installing and configuring the extension
 
 1. [Install the extension](#installing-the-extension).
 1. [Check access to the CodeQL CLI](#checking-access-to-the-codeql-cli).
 1. [Clone the CodeQL starter workspace](#cloning-the-codeql-starter-workspace).
 
-**Quick start: Using CodeQL**
+### Quick start: Using CodeQL
 
 1. [Import a database from LGTM](#importing-a-database-from-lgtm).
 1. [Run a query](#running-a-query).
 
------
+---
 
 ## Quick start: Installing and configuring the extension
 
@@ -38,19 +40,34 @@ The CodeQL extension requires a minimum of Visual Studio Code 1.39. Older versio
 
 ### Checking access to the CodeQL CLI
 
-The extension uses the [CodeQL CLI](https://help.semmle.com/codeql/codeql-cli.html) to compile and run queries. The extension automatically manages access to the CLI for you by default (recommended). To check for updates to the CodeQL CLI, you can use the **CodeQL: Check for CLI Updates** command.
+The extension uses the [CodeQL CLI](https://codeql.github.com/docs/codeql-cli/) to compile and run queries. The extension automatically manages access to the CLI for you by default (recommended). To check for updates to the CodeQL CLI, you can use the **CodeQL: Check for CLI Updates** command.
 
-If you want to override the default behavior and use a CodeQL CLI that's already on your machine, see [Configuring access to the CodeQL CLI](https://help.semmle.com/codeql/codeql-for-vscode/procedures/setting-up.html#configuring-access-to-the-codeql-cli).
+If you want to override the default behavior and use a CodeQL CLI that's already on your machine, see [Configuring access to the CodeQL CLI](https://codeql.github.com/docs/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code/#configuring-access-to-the-codeql-cli).
 
 If you have any difficulty with CodeQL CLI access, see the **CodeQL Extension Log** in the **Output** view for any error messages.
 
 ### Cloning the CodeQL starter workspace
 
 When you're working with CodeQL, you need access to the standard CodeQL libraries and queries.
-Initially, we recommend that you clone and use the ready-to-use starter workspace, https://github.com/github/vscode-codeql-starter/.
+Initially, we recommend that you clone and use the ready-to-use [starter workspace](https://github.com/github/vscode-codeql-starter/).
 This includes libraries and queries for the main supported languages, with folders set up ready for your custom queries. After cloning the workspace (use `git clone --recursive`), you can use it in the same way as any other VS Code workspace—with the added advantage that you can easily update the CodeQL libraries.
 
-For information about configuring an existing workspace for CodeQL, [see the documentation](https://help.semmle.com/codeql/codeql-for-vscode/procedures/setting-up.html#updating-an-existing-workspace-for-codeql).
+For information about configuring an existing workspace for CodeQL, [see the documentation](https://codeql.github.com/docs/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code/#updating-an-existing-workspace-for-codeql).
+
+## Upgrading CodeQL standard libraries
+
+You can easily keep up-to-date with the latest changes to the [CodeQL standard libraries](https://github.com/github/codeql).
+
+If you're using the [CodeQL starter workspace](https://github.com/github/vscode-codeql-starter/), you can pull in the latest standard libraries by running:
+
+```shell
+git pull
+git submodule update --recursive
+```
+
+in the starter workspace directory.
+
+If you're using your own clone of the CodeQL standard libraries, you can do a `git pull` from where you have the libraries checked out.
 
 ## Quick start: Using CodeQL
 
@@ -58,18 +75,15 @@ You can find all the commands contributed by the extension in the Command Palett
 
 ### Importing a database from LGTM
 
-While you can use the [CodeQL CLI to create your own databases](https://help.semmle.com/codeql/codeql-cli/procedures/create-codeql-database.html), the simplest way to start is by downloading a database from LGTM.com.
+While you can use the [CodeQL CLI to create your own databases](https://codeql.github.com/docs/codeql-cli/creating-codeql-databases/), the simplest way to start is by downloading a database from LGTM.com.
 
-1. Log in to LGTM.com.
-1. Find a project you're interested in and display the **Integrations** tab (for example, [Apache Kafka](https://lgtm.com/projects/g/apache/kafka/ci/)).
-1. Scroll to the **CodeQL databases for local analysis** section at the bottom of the page.
-1. Download databases for the languages that you want to explore.
-1. Unzip the databases.
-1. For each database that you want to import:
-    1. In the VS Code sidebar, go to **CodeQL** > **Databases** and click **+**.
-    1. Browse to the unzipped database folder (the parent folder that contains `db-<language>` and `src`) and select **Choose database** to add it.
-
-When the import is complete, each CodeQL database is displayed in the CodeQL sidebar under **Databases**.
+1. Open [LGTM.com](https://lgtm.com/#explore) in your browser.
+1. Search for a project you're interested in, for example [Apache Kafka](https://lgtm.com/projects/g/apache/kafka).
+1. Copy the link to that project, for example `https://lgtm.com/projects/g/apache/kafka`.
+1. In VS Code, open the Command Palette and choose the **CodeQL: Download Database from LGTM** command.
+1. Paste the link you copied earlier.
+1. Select the language for the database you want to download (only required if the project has databases for multiple languages).
+1. Once the CodeQL database has been imported, it is displayed in the Databases view.
 
 ### Running a query
 
@@ -77,7 +91,7 @@ The instructions below assume that you're using the CodeQL starter workspace, or
 
 1. Expand the `ql` folder and locate a query to run. The standard queries are grouped by target language and then type, for example: `ql/java/ql/src/Likely Bugs`.
 1. Open a query (`.ql`) file.
-3. Right-click in the query window and select **CodeQL: Run Query**. Alternatively, open the Command Palette (**Ctrl+Shift+P** or **Cmd+Shift+P**), type `Run Query`, then select **CodeQL: Run Query**.
+1. Right-click in the query window and select **CodeQL: Run Query**. Alternatively, open the Command Palette (**Ctrl+Shift+P** or **Cmd+Shift+P**), type `Run Query`, then select **CodeQL: Run Query**.
 
 The CodeQL extension runs the query on the current database using the CLI and reports progress in the bottom right corner of the application.
 When the results are ready, they're displayed in the CodeQL Query Results view. Use the dropdown menu to choose between different forms of result output.
@@ -86,13 +100,17 @@ If there are any problems running a query, a notification is displayed in the bo
 
 ## What next?
 
-For more information about the CodeQL extension, [see the documentation](https://help.semmle.com/codeql/codeql-for-vscode.html). Otherwise, you could:
+For more information about the CodeQL extension, [see the documentation](https://codeql.github.com/docs/codeql-for-visual-studio-code/). Otherwise, you could:
 
-* [Create a database for a different codebase](https://help.semmle.com/codeql/codeql-cli/procedures/create-codeql-database.html).
-* [Try out variant analysis](https://help.semmle.com/QL/learn-ql/ql-training.html).
-* [Learn more about CodeQL](https://help.semmle.com/QL/learn-ql/).
-* [Read how security researchers use CodeQL to find CVEs](https://securitylab.github.com/research).
+- [Create a database for a different codebase](https://codeql.github.com/docs/codeql-cli/creating-codeql-databases/).
+- [Try out variant analysis](https://help.semmle.com/QL/learn-ql/ql-training.html).
+- [Learn more about CodeQL](https://codeql.github.com/docs/).
+- [Read how security researchers use CodeQL to find CVEs](https://securitylab.github.com/research).
 
 ## License
 
 The CodeQL extension for Visual Studio Code is [licensed](LICENSE.md) under the MIT License. The version of CodeQL used by the CodeQL extension is subject to the [GitHub CodeQL Terms & Conditions](https://securitylab.github.com/tools/codeql/license).
+
+## Data and Telemetry
+
+If you specifically opt-in to permit GitHub to do so, GitHub will collect usage data and metrics for the purposes of helping the core developers to improve the CodeQL extension for VS Code. This data will not be shared with any parties outside of GitHub. IP addresses and installation IDs will be retained for a maximum of 30 days. Anonymous data will be retained for a maximum of 180 days. For more information about telemetry, [see the documentation](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code).

extensions/ql-vscode/gulpfile.js/index.js

@@ -1,19 +0,0 @@
-'use strict';
-
-require('ts-node').register({});
-const gulp = require('gulp');
-const {
-  compileTypeScript,
-  watchTypeScript,
-  packageExtension,
-  compileTextMateGrammar,
-  copyTestData,
-  copyViewCss
-} = require('build-tasks');
-const { compileView } = require('./webpack');
-
-exports.buildWithoutPackage = gulp.parallel(compileTypeScript, compileTextMateGrammar, compileView, copyTestData, copyViewCss);
-exports.compileTextMateGrammar = compileTextMateGrammar;
-exports.default = gulp.series(exports.buildWithoutPackage, packageExtension);
-exports.watchTypeScript = watchTypeScript;
-exports.compileTypeScript = compileTypeScript;

extensions/ql-vscode/gulpfile.js/webpack.ts

@@ -1,27 +0,0 @@
-import * as webpack from 'webpack';
-import { config } from './webpack.config';
-
-export function compileView(cb: (err?: Error) => void) {
-  webpack(config).run((error, stats) => {
-    if (error) {
-      cb(error);
-    }
-    console.log(stats.toString({
-      errorDetails: true,
-      colors: true,
-      assets: false,
-      builtAt: false,
-      version: false,
-      hash: false,
-      entrypoints: false,
-      timings: false,
-      modules: false
-    }));
-    if (stats.hasErrors()) {
-      cb(new Error('Compilation errors detected.'));
-      return;
-    }
-
-    cb();
-  });
-}

extensions/ql-vscode/gulpfile.ts/appInsights.ts

@@ -0,0 +1,16 @@
+import * as gulp from 'gulp';
+import * as replace from 'gulp-replace';
+
+/** Inject the application insights key into the telemetry file */
+export function injectAppInsightsKey() {
+  if (!process.env.APP_INSIGHTS_KEY) {
+    // noop
+    console.log('APP_INSIGHTS_KEY environment variable is not set. So, cannot inject it into the application.');
+    return Promise.resolve();
+  }
+
+  // replace the key
+  return gulp.src(['out/telemetry.js'])
+    .pipe(replace(/REPLACE-APP-INSIGHTS-KEY/, process.env.APP_INSIGHTS_KEY))
+    .pipe(gulp.dest('out/'));
+}

extensions/ql-vscode/gulpfile.ts/deploy.ts

@@ -0,0 +1,73 @@
+import * as fs from 'fs-extra';
+import * as jsonc from 'jsonc-parser';
+import * as path from 'path';
+
+export interface DeployedPackage {
+  distPath: string;
+  name: string;
+  version: string;
+}
+
+const packageFiles = [
+  '.vscodeignore',
+  'CHANGELOG.md',
+  'README.md',
+  'language-configuration.json',
+  'snippets.json',
+  'media',
+  'node_modules',
+  'out'
+];
+
+async function copyPackage(sourcePath: string, destPath: string): Promise<void> {
+  for (const file of packageFiles) {
+    console.log(`copying ${path.resolve(sourcePath, file)} to ${path.resolve(destPath, file)}`);
+    await fs.copy(path.resolve(sourcePath, file), path.resolve(destPath, file));
+  }
+}
+
+export async function deployPackage(packageJsonPath: string): Promise<DeployedPackage> {
+  try {
+    const packageJson: any = jsonc.parse(await fs.readFile(packageJsonPath, 'utf8'));
+
+    // Default to development build; use flag --release to indicate release build.
+    const isDevBuild = !process.argv.includes('--release');
+    const distDir = path.join(__dirname, '../../../dist');
+    await fs.mkdirs(distDir);
+
+    if (isDevBuild) {
+      // NOTE: rootPackage.name had better not have any regex metacharacters
+      const oldDevBuildPattern = new RegExp('^' + packageJson.name + '[^/]+-dev[0-9.]+\\.vsix$');
+      // Dev package filenames are of the form
+      //    vscode-codeql-0.0.1-dev.2019.9.27.19.55.20.vsix
+      (await fs.readdir(distDir)).filter(name => name.match(oldDevBuildPattern)).map(build => {
+        console.log(`Deleting old dev build ${build}...`);
+        fs.unlinkSync(path.join(distDir, build));
+      });
+      const now = new Date();
+      packageJson.version = packageJson.version +
+        `-dev.${now.getUTCFullYear()}.${now.getUTCMonth() + 1}.${now.getUTCDate()}` +
+        `.${now.getUTCHours()}.${now.getUTCMinutes()}.${now.getUTCSeconds()}`;
+    }
+
+    const distPath = path.join(distDir, packageJson.name);
+    await fs.remove(distPath);
+    await fs.mkdirs(distPath);
+
+    await fs.writeFile(path.join(distPath, 'package.json'), JSON.stringify(packageJson, null, 2));
+
+    const sourcePath = path.join(__dirname, '..');
+    console.log(`Copying package '${packageJson.name}' and its dependencies to '${distPath}'...`);
+    await copyPackage(sourcePath, distPath);
+
+    return {
+      distPath: distPath,
+      name: packageJson.name,
+      version: packageJson.version
+    };
+  }
+  catch (e) {
+    console.error(e);
+    throw e;
+  }
+}

extensions/ql-vscode/gulpfile.ts/index.ts

@@ -0,0 +1,15 @@
+import * as gulp from 'gulp';
+import { compileTypeScript, watchTypeScript, copyViewCss } from './typescript';
+import { compileTextMateGrammar } from './textmate';
+import { copyTestData } from './tests';
+import { compileView } from './webpack';
+import { packageExtension } from './package';
+import { injectAppInsightsKey } from './appInsights';
+
+export const buildWithoutPackage =
+  gulp.parallel(
+    compileTypeScript, compileTextMateGrammar, compileView, copyTestData, copyViewCss
+  );
+
+export { compileTextMateGrammar, watchTypeScript, compileTypeScript, copyTestData, injectAppInsightsKey };
+export default gulp.series(buildWithoutPackage, injectAppInsightsKey, packageExtension);

extensions/ql-vscode/gulpfile.ts/package.ts

@@ -1,6 +1,6 @@
 import * as path from 'path';
 import { deployPackage } from './deploy';
-import * as child_process from 'child-process-promise';
+import * as childProcess from 'child-process-promise';
 
 export async function packageExtension(): Promise<void> {
   const deployedPackage = await deployPackage(path.resolve('package.json'));
@@ -9,7 +9,7 @@ export async function packageExtension(): Promise<void> {
     'package',
     '--out', path.resolve(deployedPackage.distPath, '..', `${deployedPackage.name}-${deployedPackage.version}.vsix`)
   ];
-  const proc = child_process.spawn('vsce', args, {
+  const proc = childProcess.spawn('./node_modules/.bin/vsce', args, {
     cwd: deployedPackage.distPath
   });
   proc.childProcess.stdout!.on('data', (data) => {

extensions/ql-vscode/gulpfile.ts/tests.ts

@@ -0,0 +1,17 @@
+import * as gulp from 'gulp';
+
+export function copyTestData() {
+  copyNoWorkspaceData();
+  copyCliIntegrationData();
+  return Promise.resolve();
+}
+
+function copyNoWorkspaceData() {
+  return gulp.src('src/vscode-tests/no-workspace/data/**/*')
+    .pipe(gulp.dest('out/vscode-tests/no-workspace/data'));
+}
+
+function copyCliIntegrationData() {
+  return gulp.src('src/vscode-tests/cli-integration/data/**/*')
+    .pipe(gulp.dest('out/vscode-tests/cli-integration/data'));
+}

extensions/ql-vscode/gulpfile.ts/textmate.ts

@@ -1,5 +1,5 @@
 import * as gulp from 'gulp';
-import * as js_yaml from 'js-yaml';
+import * as jsYaml from 'js-yaml';
 import * as through from 'through2';
 import * as PluginError from 'plugin-error';
 import * as Vinyl from 'vinyl';
@@ -13,9 +13,10 @@ import * as Vinyl from 'vinyl';
  */
 function replaceReferencesWithStrings(value: string, replacements: Map<string, string>): string {
   let result = value;
+  // eslint-disable-next-line no-constant-condition
   while (true) {
     const original = result;
-    for (const key of replacements.keys()) {
+    for (const key of Array.from(replacements.keys())) {
       result = result.replace(`(?#${key})`, `(?:${replacements.get(key)})`);
     }
     if (result === original) {
@@ -32,7 +33,7 @@ function replaceReferencesWithStrings(value: string, replacements: Map<string, s
  */
 function gatherMacros(yaml: any): Map<string, string> {
   const macros = new Map<string, string>();
-  for (var key in yaml.macros) {
+  for (const key in yaml.macros) {
     macros.set(key, yaml.macros[key]);
   }
 
@@ -55,7 +56,7 @@ function getNodeMatchText(rule: any): string {
   else if (rule.patterns !== undefined) {
     const patterns: string[] = [];
     // For a list of patterns, use the disjunction of those patterns.
-    for (var patternIndex in rule.patterns) {
+    for (const patternIndex in rule.patterns) {
       const pattern = rule.patterns[patternIndex];
       if (pattern.include !== null) {
         patterns.push('(?' + pattern.include + ')');
@@ -65,7 +66,7 @@ function getNodeMatchText(rule: any): string {
     return '(?:' + patterns.join('|') + ')';
   }
   else {
-    return ''
+    return '';
   }
 }
 
@@ -78,7 +79,7 @@ function getNodeMatchText(rule: any): string {
  */
 function gatherMatchTextForRules(yaml: any): Map<string, string> {
   const replacements = new Map<string, string>();
-  for (var key in yaml.repository) {
+  for (const key in yaml.repository) {
     const node = yaml.repository[key];
     replacements.set(key, getNodeMatchText(node));
   }
@@ -106,7 +107,7 @@ function visitAllRulesInFile(yaml: any, action: (rule: any) => void) {
  * @param action Callback to invoke on each rule.
  */
 function visitAllRulesInRuleMap(ruleMap: any, action: (rule: any) => void) {
-  for (var key in ruleMap) {
+  for (const key in ruleMap) {
     const rule = ruleMap[key];
     if ((typeof rule) === 'object') {
       action(rule);
@@ -124,7 +125,7 @@ function visitAllRulesInRuleMap(ruleMap: any, action: (rule: any) => void) {
  * @param action The transformation to make on each match pattern.
  */
 function visitAllMatchesInRule(rule: any, action: (match: any) => any) {
-  for (var key in rule) {
+  for (const key in rule) {
     switch (key) {
       case 'begin':
       case 'end':
@@ -184,10 +185,10 @@ function transformFile(yaml: any) {
   visitAllRulesInFile(yaml, (rule) => {
     visitAllMatchesInRule(rule, (match) => {
       if ((typeof match) === 'object') {
-        for (var key in match) {
+        for (const key in match) {
           return macros.get(key)!.replace('(?#)', `(?:${match[key]})`);
         }
-        throw new Error("No key in macro map.")
+        throw new Error('No key in macro map.');
       }
       else {
         return match;
@@ -218,14 +219,14 @@ function transformFile(yaml: any) {
 }
 
 export function transpileTextMateGrammar() {
-  return through.obj((file: Vinyl, encoding: string, callback: Function): void => {
+  return through.obj((file: Vinyl, _encoding: string, callback: Function): void => {
     if (file.isNull()) {
       callback(null, file);
     }
     else if (file.isBuffer()) {
       const buf: Buffer = file.contents;
       const yamlText: string = buf.toString('utf8');
-      const jsonData: any = js_yaml.safeLoad(yamlText);
+      const jsonData: any = jsYaml.safeLoad(yamlText);
       transformFile(jsonData);
 
       file.contents = Buffer.from(JSON.stringify(jsonData, null, 2), 'utf8');

extensions/ql-vscode/gulpfile.ts/tsconfig.json

@@ -1,28 +1,22 @@
 {
+  "$schema": "https://json.schemastore.org/tsconfig",
   "compilerOptions": {
     "declaration": true,
+    "strict": true,
     "module": "commonjs",
     "target": "es2017",
-    "outDir": "out",
-    "lib": [
-      "es6"
-    ],
+    "lib": ["es6"],
     "moduleResolution": "node",
     "sourceMap": true,
-    "rootDir": "../../src",
+    "rootDir": ".",
     "strictNullChecks": true,
     "noFallthroughCasesInSwitch": true,
     "preserveWatchOutput": true,
     "newLine": "lf",
     "noImplicitReturns": true,
-    "experimentalDecorators": true
+    "experimentalDecorators": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true
   },
-  "include": [
-    "../../src/**/*.ts"
-  ],
-  "exclude": [
-    "../../node_modules",
-    "../../test",
-    "../../**/view"
-  ]
-}
+  "include": ["*.ts"]
+}

extensions/ql-vscode/gulpfile.ts/typescript.ts

@@ -0,0 +1,42 @@
+import * as colors from 'ansi-colors';
+import * as gulp from 'gulp';
+import * as sourcemaps from 'gulp-sourcemaps';
+import * as ts from 'gulp-typescript';
+
+function goodReporter(): ts.reporter.Reporter {
+  return {
+    error: (error, typescript) => {
+      if (error.tsFile) {
+        console.log('[' + colors.gray('gulp-typescript') + '] ' + colors.red(error.fullFilename
+          + '(' + (error.startPosition!.line + 1) + ',' + error.startPosition!.character + '): ')
+          + 'error TS' + error.diagnostic.code + ': ' + typescript.flattenDiagnosticMessageText(error.diagnostic.messageText, '\n'));
+      }
+      else {
+        console.log(error.message);
+      }
+    },
+  };
+}
+
+const tsProject = ts.createProject('tsconfig.json');
+
+export function compileTypeScript() {
+  return tsProject.src()
+    .pipe(sourcemaps.init())
+    .pipe(tsProject(goodReporter()))
+    .pipe(sourcemaps.write('.', {
+      includeContent: false,
+      sourceRoot: '.',
+    }))
+    .pipe(gulp.dest('out'));
+}
+
+export function watchTypeScript() {
+  gulp.watch('src/**/*.ts', compileTypeScript);
+}
+
+/** Copy CSS files for the results view into the output directory. */
+export function copyViewCss() {
+  return gulp.src('src/view/*.css')
+    .pipe(gulp.dest('out'));
+}

extensions/ql-vscode/gulpfile.ts/webpack.config.ts

@@ -4,21 +4,28 @@ import * as webpack from 'webpack';
 export const config: webpack.Configuration = {
   mode: 'development',
   entry: {
-    resultsView: './src/view/results.tsx'
+    resultsView: './src/view/results.tsx',
+    compareView: './src/compare/view/Compare.tsx',
   },
   output: {
     path: path.resolve(__dirname, '..', 'out'),
-    filename: "[name].js"
+    filename: '[name].js'
   },
-  devtool: 'source-map',
+  devtool: 'inline-source-map',
   resolve: {
-    extensions: ['.js', '.ts', '.tsx', '.json']
+    extensions: ['.js', '.ts', '.tsx', '.json'],
+    fallback: {
+      path: require.resolve('path-browserify')
+    }
   },
   module: {
     rules: [
       {
         test: /\.(ts|tsx)$/,
         loader: 'ts-loader',
+        options: {
+          configFile: 'src/view/tsconfig.json',
+        }
       },
       {
         test: /\.less$/,

extensions/ql-vscode/gulpfile.ts/webpack.ts

@@ -0,0 +1,30 @@
+import * as webpack from 'webpack';
+import { config } from './webpack.config';
+
+export function compileView(cb: (err?: Error) => void) {
+  webpack(config).run((error, stats) => {
+    if (error) {
+      cb(error);
+    }
+    if (stats) {
+      console.log(stats.toString({
+        errorDetails: true,
+        colors: true,
+        assets: false,
+        builtAt: false,
+        version: false,
+        hash: false,
+        entrypoints: false,
+        timings: false,
+        modules: false,
+        errors: true
+      }));
+      if (stats.hasErrors()) {
+        cb(new Error('Compilation errors detected.'));
+        return;
+      }
+    }
+
+    cb();
+  });
+}

extensions/ql-vscode/language-configuration.json

@@ -1,72 +1,34 @@
 {
-    "comments": {
-        // symbol used for single line comment. Remove this entry if your language does not support line comments
-        "lineComment": "//",
-        // symbols used for start and end a block comment. Remove this entry if your language does not support block comments
-        "blockComment": [
-            "/*",
-            "*/"
-        ]
-    },
-    // symbols used as brackets
-    "brackets": [
-        [
-            "{",
-            "}"
-        ],
-        [
-            "[",
-            "]"
-        ],
-        [
-            "(",
-            ")"
-        ]
-    ],
-    // symbols that are auto closed when typing
-    "autoClosingPairs": [
-        [
-            "{",
-            "}"
-        ],
-        [
-            "[",
-            "]"
-        ],
-        [
-            "(",
-            ")"
-        ],
-        [
-            "\"",
-            "\""
-        ],
-        [
-            "'",
-            "'"
-        ]
-    ],
-    // symbols that that can be used to surround a selection
-    "surroundingPairs": [
-        [
-            "{",
-            "}"
-        ],
-        [
-            "[",
-            "]"
-        ],
-        [
-            "(",
-            ")"
-        ],
-        [
-            "\"",
-            "\""
-        ],
-        [
-            "'",
-            "'"
-        ]
-    ]
-}
+  "comments": {
+    "lineComment": "//",
+    "blockComment": ["/*", "*/"]
+  },
+  "brackets": [
+    ["{", "}"],
+    ["[", "]"],
+    ["(", ")"]
+  ],
+  "autoClosingPairs": [
+    { "open": "{", "close": "}" },
+    { "open": "[", "close": "]" },
+    { "open": "(", "close": ")" },
+    { "open": "'", "close": "'", "notIn": ["string", "comment"] },
+    { "open": "\"", "close": "\"", "notIn": ["string"] },
+    { "open": "/**", "close": " */", "notIn": ["string"] }
+  ],
+  "autoCloseBefore": ";:.=}])> \n\t",
+  "surroundingPairs": [
+    ["{", "}"],
+    ["[", "]"],
+    ["(", ")"],
+    ["'", "'"],
+    ["\"", "\""]
+  ],
+  "folding": {
+    "markers": {
+      "start": "^\\s*//\\s*#?region\\b",
+      "end": "^\\s*//\\s*#?endregion\\b"
+    }
+  },
+  "wordPattern": "(-?\\d*\\.\\d\\w*)|([^\\~\\!\\@\\#\\%\\^\\&\\*\\(\\)\\-\\=\\+\\[\\{\\]\\}\\\\\\|\\;\\:\\'\\\"\\.\\<\\>\\/\\?\\s]+)"
+}

extensions/ql-vscode/media/dark/archive-plus.svg

@@ -0,0 +1,5 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M14.5 1H1.5L1 1.5V4.5L1.5 5H2V13.5L2.5 14H13.5L14 13.5V5H14.5L15 4.5V1.5L14.5 1ZM13.5 4H2.5H2V2H14V4H13.5ZM3 13V5H13V13H3ZM11 7H5V8H11V7Z" fill="#C5C5C5"/>
+<line y2="12" x2="8" y1="12" x1="16" stroke-width="1" stroke="green" fill="none"/>
+<line y2="8" x2="12" y1="16" x1="12" stroke-width="1" stroke="green" fill="none"/>
+</svg>

extensions/ql-vscode/media/dark/clear-all.svg

@@ -0,0 +1,7 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M10 12.6L10.7 13.3L12.3 11.7L13.9 13.3L14.7 12.6L13 11L14.7 9.40005L13.9 8.60005L12.3 10.3L10.7 8.60005L10 9.40005L11.6 11L10 12.6Z" fill="#C5C5C5"/>
+<path d="M1 4L15 4L15 3L1 3L1 4Z" fill="#C5C5C5"/>
+<path d="M1 7L15 7L15 6L1 6L1 7Z" fill="#C5C5C5"/>
+<path d="M9 9.5L9 9L1 9L1 10L9 10L9 9.5Z" fill="#C5C5C5"/>
+<path d="M9 13L9 12.5L9 12L1 12L1 13L9 13Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/dark/cloud-download.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M11.9565 6H12.0064C12.8004 6 13.5618 6.31607 14.1232 6.87868C14.6846 7.44129 15 8.20435 15 9C15 9.79565 14.6846 10.5587 14.1232 11.1213C13.5618 11.6839 12.8004 12 12.0064 12V11C12.5357 11 13.0434 10.7893 13.4176 10.4142C13.7919 10.0391 14.0021 9.53044 14.0021 9C14.0021 8.46957 13.7919 7.96086 13.4176 7.58579C13.0434 7.21072 12.5357 7 12.0064 7H11.0924L10.9687 6.143C10.8938 5.60541 10.6456 5.10711 10.2618 4.72407C9.87801 4.34103 9.37977 4.09427 8.84303 4.02143C8.30629 3.94859 7.76051 4.05365 7.2889 4.3206C6.81729 4.58754 6.44573 5.00173 6.23087 5.5L5.89759 6.262L5.08933 6.073C4.90382 6.02699 4.71364 6.0025 4.52255 6C3.86093 6 3.22641 6.2634 2.75858 6.73224C2.29075 7.20108 2.02792 7.83696 2.02792 8.5C2.02792 9.16304 2.29075 9.79893 2.75858 10.2678C3.22641 10.7366 3.86093 11 4.52255 11H5.02148V12H4.52255C4.02745 12.0043 3.5371 11.903 3.08403 11.7029C2.63096 11.5028 2.22553 11.2084 1.89461 10.8394C1.5637 10.4703 1.31488 10.0349 1.16465 9.56211C1.01442 9.08932 0.966217 8.58992 1.02324 8.09704C1.08026 7.60416 1.24121 7.12906 1.4954 6.70326C1.74959 6.27745 2.09121 5.91068 2.49762 5.62727C2.90402 5.34385 3.36591 5.15027 3.85264 5.05937C4.33938 4.96847 4.83984 4.98232 5.32083 5.1C5.6241 4.40501 6.14511 3.82799 6.80496 3.45635C7.4648 3.08472 8.22753 2.9387 8.9776 3.04044C9.72768 3.14217 10.4242 3.4861 10.9618 4.02014C11.4993 4.55418 11.8485 5.24923 11.9565 6ZM6.70719 11.1214L8.0212 12.4354V7H9.01506V12.3992L10.2929 11.1214L11 11.8285L8.85356 13.9749H8.14645L6.00008 11.8285L6.70719 11.1214Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/dark/edit.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M13.23 1H11.77L3.52002 9.25L3.35999 9.46997L1 13.59L2.41003 15L6.53003 12.64L6.75 12.48L15 4.22998V2.77002L13.23 1ZM2.41003 13.59L3.92004 10.59L5.37 12.04L2.41003 13.59ZM6.23999 11.53L4.46997 9.76001L12.47 1.76001L14.24 3.53003L6.23999 11.53Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/dark/folder-opened-plus.svg

@@ -0,0 +1,5 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M0.5 14H12.5L12.98 13.63L15.61 6.63L15.13 6H13V3.5L12.5 3H6.70996L5.84998 2.15002L5.5 2H0.5L0 2.5V13.5L0.5 14ZM1 3H5.29004L6.15002 3.84998L6.5 4H12V6H8.5L8.15002 6.15002L7.29004 7H2.5L2.03003 7.33997L1.03003 10.42L1 3ZM12.13 13H1.18994L2.85999 8H7.5L7.84998 7.84998L8.70996 7H14.5L12.13 13Z" fill="#C5C5C5"/>
+<line y2="12" x2="8" y1="12" x1="16" stroke-width="1" stroke="green" fill="none"/>
+<line y2="8" x2="12" y1="16" x1="12" stroke-width="1" stroke="green" fill="none"/>
+</svg>

extensions/ql-vscode/media/dark/lgtm-plus.svg

@@ -0,0 +1,5 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 32 32" fill="none">
+  <path d="M16.010 6.49c-3.885 0-7.167 0.906-9.328 2.813-0.063-0.12-0.109-0.219-0.188-0.339-0.224-0.365-0.438-0.776-1.104-1.188-0.411-0.26-0.87-0.438-1.349-0.516-0.208-0.021-0.422-0.021-0.63 0l0.135-0.016c-1.214 0-1.922 0.724-2.385 1.354-0.458 0.625-0.755 1.328-0.948 2.099-0.38 1.542-0.385 3.536 1.083 5.026 0.766 0.781 1.667 1.151 2.484 1.37 0.156 0.042 0.297 0.052 0.448 0.083 0.531 2.521 2.104 4.656 4.208 5.839v0.005c1.24 0.693 2.417 1.010 3.297 1.349 1.234 0.479 2.536 1 4.052 1.135l0.078 0.005h0.198c1.745 0 3.063-0.703 4.203-1.141 0.875-0.333 2.052-0.641 3.302-1.344 0.578-0.323 1.115-0.719 1.594-1.172 1.318-1.234 2.229-2.839 2.625-4.599 1.115-0.182 2.141-0.719 2.922-1.536 1.464-1.484 1.458-3.479 1.078-5.021-0.193-0.771-0.49-1.474-0.948-2.099-0.458-0.63-1.172-1.354-2.385-1.354l0.135 0.016c-0.208-0.021-0.422-0.021-0.63 0-0.479 0.078-0.938 0.255-1.344 0.516-0.667 0.411-0.88 0.823-1.104 1.182-0.073 0.12-0.12 0.219-0.188 0.333-2.156-1.901-5.432-2.802-9.313-2.802zM16.042 8.313c4.745 0 8.016 1.422 9.411 3.964 0.839-0.323 1.453-2.521 2.146-2.948 0.563-0.344 0.885-0.26 0.885-0.26 1.271 0 2.578 3.729 0.953 5.38-0.859 0.875-2.443 1.12-3.229 1.057-0.063 2.542-1.542 4.833-3.5 5.932-1 0.563-2.068 0.854-3.063 1.234-1.229 0.469-2.38 1.016-3.547 1.016h-0.125c-1.161-0.099-2.318-0.542-3.547-1.016-0.995-0.38-2.068-0.682-3.063-1.24-1.948-1.099-3.427-3.391-3.49-5.927-0.781 0.068-2.385-0.177-3.245-1.057-1.625-1.651-0.318-5.38 0.948-5.38 0 0 0.328-0.083 0.885 0.26 0.698 0.427 1.318 2.646 2.161 2.953 1.391-2.547 4.667-3.969 9.417-3.969zM10.875 11.422c-2.276-0.042-4.146 1.792-4.146 4.068 0 2.281 1.87 4.115 4.146 4.073 5.328-0.099 5.328-8.047 0-8.141zM21.208 11.422c-5.427 0-5.427 8.141 0 8.141s5.427-8.141 0-8.141zM11.453 13.708c2.349 0.063 2.349 3.552 0 3.615-1.182 0-2.042-1.115-1.75-2.255 0.318 0.771 1.469 0.547 1.464-0.292 0-0.406-0.318-0.745-0.729-0.76 0.302-0.203 0.656-0.313 1.016-0.307zM20.641 13.708c2.344 0.063 2.344 3.552 0 3.615-1.182 0-2.047-1.115-1.755-2.255 0.229 0.552 0.979 0.641 1.328 0.146 0.344-0.49 0.010-1.167-0.589-1.193 0.297-0.208 0.651-0.313 1.016-0.313zM15.359 19.906c-0.318 0.026-0.5 0.193-0.5 0.635 0 0.281 0.182 0.484 0.5 0.484 0.229 0 0.266-0.323 0.047-0.375-0.031-0.005-0.172-0.057-0.172-0.182 0-0.12 0-0.167 0.24-0.198 0.104-0.016 0.156-0.141 0.125-0.24s-0.125-0.135-0.24-0.125zM16.724 19.906c-0.115-0.005-0.208 0.026-0.24 0.125s0.021 0.224 0.125 0.24c0.24 0.031 0.24 0.078 0.24 0.198 0 0.125-0.141 0.177-0.172 0.182-0.219 0.052-0.182 0.375 0.042 0.375 0.323 0 0.51-0.203 0.51-0.484 0-0.443-0.188-0.609-0.505-0.635z" fill="#C5C5C5"/>
+  <line y2="24" x2="16" y1="26" x1="32" stroke-width="2" stroke="green" fill="none"/>
+  <line y2="16" x2="24" y1="32" x1="24" stroke-width="1" stroke="green" fill="none"/>
+</svg>

extensions/ql-vscode/media/dark/preview.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M2 2H14L15 3V13L14 14H2L1 13V3L2 2ZM2 13H14V3H2V13ZM13 4H3V7H13V4ZM12 6H4V5H12V6ZM9 12H13V8H9V12ZM10 9H12V11H10V9ZM7 8H3V9H7V8ZM3 11H7V12H3V11Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/dark/sort-alpha.svg

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" fill="none"
+	 viewBox="0 0 432 432" style="enable-background:new 0 0 432 432;" xml:space="preserve">
+<g>
+	<g>
+		<g>
+			<polygon points="234.24,9.067 183.893,59.413 284.587,59.413" fill="#C5C5C5"/>
+			<polygon points="301.44,304.32 427.947,120.853 427.947,93.973 250.88,93.973 250.88,128.107 376.32,128.107 250.027,310.72
+				250.027,338.24 432,338.24 432,304.32" fill="#C5C5C5"/>
+			<polygon points="234.24,422.933 283.947,373.227 184.533,373.227" fill="#C5C5C5"/>
+			<path d="M226.773,338.24L130.987,93.76H96L0,338.24h39.253l19.627-52.267h109.013l19.627,52.267H226.773z M71.893,250.987
+				L113.28,140.48l41.387,110.507H71.893z" fill="#C5C5C5"/>
+		</g>
+	</g>
+</g>
+</svg>

extensions/ql-vscode/media/dark/sort-date.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M7 2L6 3V6H7V3H14V5.45306L14.2071 5.29286L15 6.08576V3L14 2H7ZM8 4H10V6H8V4ZM5 9H3V11H5V9ZM2 7L1 8V13L2 14H9L10 13V8L9 7H2ZM2 13V8H9V13H2ZM8 10H6V12H8V10ZM13 4H12V7.86388L10.818 6.68192L10.1109 7.38903L12.1465 9.42454L12.8536 9.42454L14.889 7.38908L14.1819 6.68197L13 7.86388V4Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/dark/sort-num.svg

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" fill="none"
+	 viewBox="0 0 432 432" style="enable-background:new 0 0 432 432;" xml:space="preserve">
+<g>
+	<g>
+		<g>
+			<polygon points="234.24,9.067 183.893,59.413 284.587,59.413" fill="#C5C5C5"/>
+			<path d="m 259.24622,341.40906 v -32.34375 q 13.35937,6.32812 27.07031,9.66797 13.71094,3.33984 26.89453,3.33984 35.15625,0 53.61328,-23.55469 18.63282,-23.73047 21.26953,-71.89453 -10.19531,15.11719 -25.83984,23.20313 -15.64453,8.08593 -34.62891,8.08593 -39.375,0 -62.40234,-23.73046 -22.85156,-23.90625 -22.85156,-65.21485 0,-40.42969 23.90625,-64.86328 23.90625,-24.433594 63.63281,-24.433594 45.52734,0 69.43359,34.980474 24.08204,34.80468 24.08204,101.25 0,62.05078 -29.53125,99.14062 -29.35547,36.91406 -79.10157,36.91406 -13.35937,0 -27.07031,-2.63672 -13.71094,-2.63671 -28.47656,-7.91015 z m 70.66406,-111.26953 q 23.90625,0 37.79297,-16.34766 14.0625,-16.34766 14.0625,-44.82422 0,-28.30078 -14.0625,-44.64844 -13.88672,-16.52343 -37.79297,-16.52343 -23.90625,0 -37.96875,16.52343 -13.88672,16.34766 -13.88672,44.64844 0,28.47656 13.88672,44.82422 14.0625,16.34766 37.96875,16.34766 z" fill="#C5C5C5" />
+			<polygon points="234.24,422.933 283.947,373.227 184.533,373.227" fill="#C5C5C5"/>
+			<path d="M 35.300905,316.97546 H 93.308718 V 116.76062 L 30.203249,129.41687 V 97.07312 L 92.957155,84.41687 h 35.507815 v 232.55859 h 58.00781 v 29.88282 H 35.300905 Z" fill="#C5C5C5"/>
+		</g>
+	</g>
+</g>
+</svg>

extensions/ql-vscode/media/dark/trash.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M10 3H12H13V4H12V13L11 14H4L3 13V4H2V3H5V2C5 1.73478 5.10531 1.48038 5.29285 1.29285C5.48038 1.10531 5.73478 1 6 1H9C9.26522 1 9.51962 1.10531 9.70715 1.29285C9.89469 1.48038 10 1.73478 10 2V3ZM9 2H6V3H9V2ZM4 13H11V4H4V13ZM6 5H5V12H6V5ZM7 5H8V12H7V5ZM9 5H10V12H9V5Z" fill="#C5C5C5"/>
+</svg>

extensions/ql-vscode/media/light/archive-plus.svg

@@ -0,0 +1,5 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M14.5 1H1.5L1 1.5V4.5L1.5 5H2V13.5L2.5 14H13.5L14 13.5V5H14.5L15 4.5V1.5L14.5 1ZM13.5 4H2.5H2V2H14V4H13.5ZM3 13V5H13V13H3ZM11 7H5V8H11V7Z" fill="#424242"/>
+<line y2="12" x2="8" y1="12" x1="16" stroke-width="1" stroke="green" fill="none"/>
+<line y2="8" x2="12" y1="16" x1="12" stroke-width="1" stroke="green" fill="none"/>
+</svg>

extensions/ql-vscode/media/light/clear-all.svg

@@ -0,0 +1,7 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M10.0001 12.6L10.7001 13.3L12.3001 11.7L13.9001 13.3L14.7001 12.6L13.0001 11L14.7001 9.40005L13.9001 8.60005L12.3001 10.3L10.7001 8.60005L10.0001 9.40005L11.6001 11L10.0001 12.6Z" fill="#424242"/>
+<path d="M1.00006 4L15.0001 4L15.0001 3L1.00006 3L1.00006 4Z" fill="#424242"/>
+<path d="M1.00006 7L15.0001 7L15.0001 6L1.00006 6L1.00006 7Z" fill="#424242"/>
+<path d="M9.00006 9.5L9.00006 9L1.00006 9L1.00006 10L9.00006 10L9.00006 9.5Z" fill="#424242"/>
+<path d="M9.00006 13L9.00006 12.5L9.00006 12L1.00006 12L1.00006 13L9.00006 13Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/light/cloud-download.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M11.9565 6H12.0064C12.8004 6 13.5618 6.31607 14.1232 6.87868C14.6846 7.44129 15 8.20435 15 9C15 9.79565 14.6846 10.5587 14.1232 11.1213C13.5618 11.6839 12.8004 12 12.0064 12V11C12.5357 11 13.0434 10.7893 13.4176 10.4142C13.7919 10.0391 14.0021 9.53044 14.0021 9C14.0021 8.46957 13.7919 7.96086 13.4176 7.58579C13.0434 7.21072 12.5357 7 12.0064 7H11.0924L10.9687 6.143C10.8938 5.60541 10.6456 5.10711 10.2618 4.72407C9.87801 4.34103 9.37977 4.09427 8.84303 4.02143C8.30629 3.94859 7.76051 4.05365 7.2889 4.3206C6.81729 4.58754 6.44573 5.00173 6.23087 5.5L5.89759 6.262L5.08933 6.073C4.90382 6.02699 4.71364 6.0025 4.52255 6C3.86093 6 3.22641 6.2634 2.75858 6.73224C2.29075 7.20108 2.02792 7.83696 2.02792 8.5C2.02792 9.16304 2.29075 9.79893 2.75858 10.2678C3.22641 10.7366 3.86093 11 4.52255 11H5.02148V12H4.52255C4.02745 12.0043 3.5371 11.903 3.08403 11.7029C2.63096 11.5028 2.22553 11.2084 1.89461 10.8394C1.5637 10.4703 1.31488 10.0349 1.16465 9.56211C1.01442 9.08932 0.966217 8.58992 1.02324 8.09704C1.08026 7.60416 1.24121 7.12906 1.4954 6.70326C1.74959 6.27745 2.09121 5.91068 2.49762 5.62727C2.90402 5.34385 3.36591 5.15027 3.85264 5.05937C4.33938 4.96847 4.83984 4.98232 5.32083 5.1C5.6241 4.40501 6.14511 3.82799 6.80496 3.45635C7.4648 3.08472 8.22753 2.9387 8.9776 3.04044C9.72768 3.14217 10.4242 3.4861 10.9618 4.02014C11.4993 4.55418 11.8485 5.24923 11.9565 6ZM6.70719 11.1214L8.0212 12.4354V7H9.01506V12.3992L10.2929 11.1214L11 11.8285L8.85356 13.9749H8.14645L6.00008 11.8285L6.70719 11.1214Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/light/edit.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M13.2302 1H11.7703L3.52026 9.25L3.36023 9.46997L1.00024 13.59L2.41028 15L6.53027 12.64L6.75024 12.48L15.0002 4.22998V2.77002L13.2302 1ZM2.41028 13.59L3.92029 10.59L5.37024 12.04L2.41028 13.59ZM6.24023 11.53L4.47021 9.76001L12.4702 1.76001L14.2402 3.53003L6.24023 11.53Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/light/folder-opened-plus.svg

@@ -0,0 +1,12 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0)">
+<path d="M0.499817 14H12.4998L12.9798 13.63L15.6098 6.63L15.1298 6H12.9998V3.5L12.4998 3H6.70978L5.84979 2.15002L5.49982 2H0.499817L-0.000183105 2.5V13.5L0.499817 14ZM0.999817 3H5.28986L6.14984 3.84998L6.49982 4H11.9998V6H8.49982L8.14984 6.15002L7.28986 7H2.49982L2.02985 7.33997L1.02985 10.42L0.999817 3ZM12.1298 13H1.18976L2.8598 8H7.49982L7.84979 7.84998L8.70978 7H14.4998L12.1298 13Z" fill="#424242"/>
+<line y2="12" x2="8" y1="12" x1="16" stroke-width="1" stroke="green" fill="none"/>
+<line y2="8" x2="12" y1="16" x1="12" stroke-width="1" stroke="green" fill="none"/>
+</g>
+<defs>
+<clipPath id="clip0">
+<path d="M-0.000183105 0H15.9998V16H-0.000183105V0Z" fill="white"/>
+</clipPath>
+</defs>
+</svg>

extensions/ql-vscode/media/light/lgtm-plus.svg

@@ -0,0 +1,5 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 32 32" fill="none">
+  <path d="M16.010 6.49c-3.885 0-7.167 0.906-9.328 2.813-0.063-0.12-0.109-0.219-0.188-0.339-0.224-0.365-0.438-0.776-1.104-1.188-0.411-0.26-0.87-0.438-1.349-0.516-0.208-0.021-0.422-0.021-0.63 0l0.135-0.016c-1.214 0-1.922 0.724-2.385 1.354-0.458 0.625-0.755 1.328-0.948 2.099-0.38 1.542-0.385 3.536 1.083 5.026 0.766 0.781 1.667 1.151 2.484 1.37 0.156 0.042 0.297 0.052 0.448 0.083 0.531 2.521 2.104 4.656 4.208 5.839v0.005c1.24 0.693 2.417 1.010 3.297 1.349 1.234 0.479 2.536 1 4.052 1.135l0.078 0.005h0.198c1.745 0 3.063-0.703 4.203-1.141 0.875-0.333 2.052-0.641 3.302-1.344 0.578-0.323 1.115-0.719 1.594-1.172 1.318-1.234 2.229-2.839 2.625-4.599 1.115-0.182 2.141-0.719 2.922-1.536 1.464-1.484 1.458-3.479 1.078-5.021-0.193-0.771-0.49-1.474-0.948-2.099-0.458-0.63-1.172-1.354-2.385-1.354l0.135 0.016c-0.208-0.021-0.422-0.021-0.63 0-0.479 0.078-0.938 0.255-1.344 0.516-0.667 0.411-0.88 0.823-1.104 1.182-0.073 0.12-0.12 0.219-0.188 0.333-2.156-1.901-5.432-2.802-9.313-2.802zM16.042 8.313c4.745 0 8.016 1.422 9.411 3.964 0.839-0.323 1.453-2.521 2.146-2.948 0.563-0.344 0.885-0.26 0.885-0.26 1.271 0 2.578 3.729 0.953 5.38-0.859 0.875-2.443 1.12-3.229 1.057-0.063 2.542-1.542 4.833-3.5 5.932-1 0.563-2.068 0.854-3.063 1.234-1.229 0.469-2.38 1.016-3.547 1.016h-0.125c-1.161-0.099-2.318-0.542-3.547-1.016-0.995-0.38-2.068-0.682-3.063-1.24-1.948-1.099-3.427-3.391-3.49-5.927-0.781 0.068-2.385-0.177-3.245-1.057-1.625-1.651-0.318-5.38 0.948-5.38 0 0 0.328-0.083 0.885 0.26 0.698 0.427 1.318 2.646 2.161 2.953 1.391-2.547 4.667-3.969 9.417-3.969zM10.875 11.422c-2.276-0.042-4.146 1.792-4.146 4.068 0 2.281 1.87 4.115 4.146 4.073 5.328-0.099 5.328-8.047 0-8.141zM21.208 11.422c-5.427 0-5.427 8.141 0 8.141s5.427-8.141 0-8.141zM11.453 13.708c2.349 0.063 2.349 3.552 0 3.615-1.182 0-2.042-1.115-1.75-2.255 0.318 0.771 1.469 0.547 1.464-0.292 0-0.406-0.318-0.745-0.729-0.76 0.302-0.203 0.656-0.313 1.016-0.307zM20.641 13.708c2.344 0.063 2.344 3.552 0 3.615-1.182 0-2.047-1.115-1.755-2.255 0.229 0.552 0.979 0.641 1.328 0.146 0.344-0.49 0.010-1.167-0.589-1.193 0.297-0.208 0.651-0.313 1.016-0.313zM15.359 19.906c-0.318 0.026-0.5 0.193-0.5 0.635 0 0.281 0.182 0.484 0.5 0.484 0.229 0 0.266-0.323 0.047-0.375-0.031-0.005-0.172-0.057-0.172-0.182 0-0.12 0-0.167 0.24-0.198 0.104-0.016 0.156-0.141 0.125-0.24s-0.125-0.135-0.24-0.125zM16.724 19.906c-0.115-0.005-0.208 0.026-0.24 0.125s0.021 0.224 0.125 0.24c0.24 0.031 0.24 0.078 0.24 0.198 0 0.125-0.141 0.177-0.172 0.182-0.219 0.052-0.182 0.375 0.042 0.375 0.323 0 0.51-0.203 0.51-0.484 0-0.443-0.188-0.609-0.505-0.635z" fill="#424242"/>
+  <line y2="24" x2="16" y1="26" x1="32" stroke-width="2" stroke="green" fill="none"/>
+  <line y2="16" x2="24" y1="32" x1="24" stroke-width="1" stroke="green" fill="none"/>
+</svg>

extensions/ql-vscode/media/light/preview.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M2.00024 2H14.0002L15.0002 3V13L14.0002 14H2.00024L1.00024 13V3L2.00024 2ZM2.00024 13H14.0002V3H2.00024V13ZM13.0002 4H3.00024V7H13.0002V4ZM12.0002 6H4.00024V5H12.0002V6ZM9.00024 12H13.0002V8H9.00024V12ZM10.0002 9H12.0002V11H10.0002V9ZM7.00024 8H3.00024V9H7.00024V8ZM3.00024 11H7.00024V12H3.00024V11Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/light/sort-alpha.svg

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 432 432" style="enable-background:new 0 0 432 432;" xml:space="preserve">
+<g>
+	<g>
+		<g>
+			<polygon points="234.24,9.067 183.893,59.413 284.587,59.413 			"/>
+			<polygon points="301.44,304.32 427.947,120.853 427.947,93.973 250.88,93.973 250.88,128.107 376.32,128.107 250.027,310.72 
+				250.027,338.24 432,338.24 432,304.32 			"/>
+			<polygon points="234.24,422.933 283.947,373.227 184.533,373.227 			"/>
+			<path d="M226.773,338.24L130.987,93.76H96L0,338.24h39.253l19.627-52.267h109.013l19.627,52.267H226.773z M71.893,250.987
+				L113.28,140.48l41.387,110.507H71.893z"/>
+		</g>
+	</g>
+</g>
+</svg>

extensions/ql-vscode/media/light/sort-date.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M7 2L6 3V6H7V3H14V5.45306L14.2071 5.29286L15 6.08576V3L14 2H7ZM8 4H10V6H8V4ZM5 9H3V11H5V9ZM2 7L1 8V13L2 14H9L10 13V8L9 7H2ZM2 13V8H9V13H2ZM8 10H6V12H8V10ZM13 4H12V7.86388L10.818 6.68192L10.1109 7.38903L12.1465 9.42454L12.8536 9.42454L14.889 7.38908L14.1819 6.68197L13 7.86388V4Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/light/sort-num.svg

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 432 432" style="enable-background:new 0 0 432 432;" xml:space="preserve">
+<g>
+	<g>
+		<g>
+			<polygon points="234.24,9.067 183.893,59.413 284.587,59.413" />
+			<path d="m 259.24622,341.40906 v -32.34375 q 13.35937,6.32812 27.07031,9.66797 13.71094,3.33984 26.89453,3.33984 35.15625,0 53.61328,-23.55469 18.63282,-23.73047 21.26953,-71.89453 -10.19531,15.11719 -25.83984,23.20313 -15.64453,8.08593 -34.62891,8.08593 -39.375,0 -62.40234,-23.73046 -22.85156,-23.90625 -22.85156,-65.21485 0,-40.42969 23.90625,-64.86328 23.90625,-24.433594 63.63281,-24.433594 45.52734,0 69.43359,34.980474 24.08204,34.80468 24.08204,101.25 0,62.05078 -29.53125,99.14062 -29.35547,36.91406 -79.10157,36.91406 -13.35937,0 -27.07031,-2.63672 -13.71094,-2.63671 -28.47656,-7.91015 z m 70.66406,-111.26953 q 23.90625,0 37.79297,-16.34766 14.0625,-16.34766 14.0625,-44.82422 0,-28.30078 -14.0625,-44.64844 -13.88672,-16.52343 -37.79297,-16.52343 -23.90625,0 -37.96875,16.52343 -13.88672,16.34766 -13.88672,44.64844 0,28.47656 13.88672,44.82422 14.0625,16.34766 37.96875,16.34766 z" />
+			<polygon points="234.24,422.933 283.947,373.227 184.533,373.227" />
+			<path d="M 35.300905,316.97546 H 93.308718 V 116.76062 L 30.203249,129.41687 V 97.07312 L 92.957155,84.41687 h 35.507815 v 232.55859 h 58.00781 v 29.88282 H 35.300905 Z" />
+		</g>
+	</g>
+</g>
+</svg>

extensions/ql-vscode/media/light/trash.svg

@@ -0,0 +1,3 @@
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M10.0002 3H12.0002H13.0002V4H12.0002V13L11.0002 14H4.00024L3.00024 13V4H2.00024V3H5.00024V2C5.00024 1.73478 5.10555 1.48038 5.29309 1.29285C5.48063 1.10531 5.73503 1 6.00024 1H9.00024C9.26546 1 9.51986 1.10531 9.7074 1.29285C9.89493 1.48038 10.0002 1.73478 10.0002 2V3ZM9.00024 2H6.00024V3H9.00024V2ZM4.00024 13H11.0002V4H4.00024V13ZM6.00024 5H5.00024V12H6.00024V5ZM7.00024 5H8.00024V12H7.00024V5ZM9.00024 5H10.0002V12H9.00024V5Z" fill="#424242"/>
+</svg>

extensions/ql-vscode/media/logo.svg

@@ -1,14 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<svg width="27px" height="16px" viewBox="0 0 27 16" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
-    <!-- Generator: Sketch 59 (86127) - https://sketch.com -->
-    <title>Slice</title>
-    <desc>Created with Sketch.</desc>
-    <g id="light" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
-        <g id="QL" transform="translate(1.000000, 1.000000)">
-            <rect id="Rectangle-41" stroke="#2088FF" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" x="0" y="0" width="25" height="14" rx="2"></rect>
-            <line x1="17" y1="5" x2="19" y2="5" id="Stroke-15" stroke="#2088FF" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></line>
-            <line x1="17" y1="9" x2="21" y2="9" id="Stroke-15" stroke="#2088FF" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"></line>
-            <path d="M8.85227273,7 C8.85227273,7.51894199 8.76988719,7.97537682 8.60511364,8.36931818 C8.44034009,8.76325955 8.21591051,9.08711994 7.93181818,9.34090909 L8.76420455,10.3863636 L7.61647727,10.3863636 L7.14772727,9.80965909 C6.83143781,9.92897787 6.49147909,9.98863636 6.12784091,9.98863636 C5.61079287,9.98863636 5.14678236,9.8712133 4.73579545,9.63636364 C4.32480855,9.40151398 4.00000119,9.06108178 3.76136364,8.61505682 C3.52272608,8.16903186 3.40340909,7.63068497 3.40340909,7 C3.40340909,6.36552713 3.52272608,5.8257598 3.76136364,5.38068182 C4.00000119,4.93560384 4.32480855,4.59611859 4.73579545,4.36221591 C5.14678236,4.12831322 5.61079287,4.01136364 6.12784091,4.01136364 C6.642995,4.01136364 7.10605855,4.12831322 7.51704545,4.36221591 C7.92803236,4.59611859 8.2533132,4.93560384 8.49289773,5.38068182 C8.73248226,5.8257598 8.85227273,6.36552713 8.85227273,7 Z M5.70170455,7.88636364 L6.74715909,7.88636364 L7.17897727,8.44034091 C7.31344764,8.27935526 7.41808675,8.07859969 7.49289773,7.83806818 C7.56770871,7.59753668 7.60511364,7.31818341 7.60511364,7 C7.60511364,6.38257267 7.47064528,5.91145996 7.20170455,5.58664773 C6.93276381,5.2618355 6.57481284,5.09943182 6.12784091,5.09943182 C5.68086898,5.09943182 5.32291801,5.2618355 5.05397727,5.58664773 C4.78503653,5.91145996 4.65056818,6.38257267 4.65056818,7 C4.65056818,7.61553338 4.78503653,8.08617261 5.05397727,8.41193182 C5.32291801,8.73769102 5.68086898,8.90056818 6.12784091,8.90056818 C6.23958389,8.90056818 6.34564344,8.89015162 6.44602273,8.86931818 L5.70170455,7.88636364 Z M10.1813315,10 L10.1813315,4 L11.4114451,4 L11.4114451,8.98579545 L13.9057633,8.98579545 L13.9057633,10 L10.1813315,10 Z" fill="#2088FF" fill-rule="nonzero"></path>
-        </g>
-    </g>
-</svg>
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M8.19789 8C8.19789 8.51894 8.1155 8.97538 7.95073 9.36932C7.78595 9.76326 7.56152 10.0871 7.27743 10.3409L8.10982 11.3864H6.96209L6.49334 10.8097C6.17705 10.929 5.83709 10.9886 5.47346 10.9886C4.95641 10.9886 4.4924 10.8712 4.08141 10.6364C3.67042 10.4015 3.34562 10.0611 3.10698 9.61506C2.86834 9.16903 2.74902 8.63068 2.74902 8C2.74902 7.36553 2.86834 6.82576 3.10698 6.38068C3.34562 5.9356 3.67042 5.59612 4.08141 5.36222C4.4924 5.12831 4.95641 5.01136 5.47346 5.01136C5.98861 5.01136 6.45167 5.12831 6.86266 5.36222C7.27365 5.59612 7.59893 5.9356 7.83851 6.38068C8.0781 6.82576 8.19789 7.36553 8.19789 8ZM5.04732 8.88636H6.09277L6.52459 9.44034C6.65906 9.27936 6.7637 9.0786 6.83851 8.83807C6.91332 8.59754 6.95073 8.31818 6.95073 8C6.95073 7.38257 6.81626 6.91146 6.54732 6.58665C6.27838 6.26184 5.92043 6.09943 5.47346 6.09943C5.02648 6.09943 4.66853 6.26184 4.39959 6.58665C4.13065 6.91146 3.99618 7.38257 3.99618 8C3.99618 8.61553 4.13065 9.08617 4.39959 9.41193C4.66853 9.73769 5.02648 9.90057 5.47346 9.90057C5.5852 9.90057 5.69126 9.89015 5.79164 9.86932L5.04732 8.88636ZM9.52695 11V5H10.7571V9.9858H13.2514V11H9.52695Z" fill="#24292F"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M13 1.5H3C2.17157 1.5 1.5 2.17157 1.5 3V13C1.5 13.8284 2.17157 14.5 3 14.5H13C13.8284 14.5 14.5 13.8284 14.5 13V3C14.5 2.17157 13.8284 1.5 13 1.5ZM3 0C1.34315 0 0 1.34315 0 3V13C0 14.6569 1.34315 16 3 16H13C14.6569 16 16 14.6569 16 13V3C16 1.34315 14.6569 0 13 0H3Z" fill="#24292F"/>
+</svg>

extensions/ql-vscode/snippets.json

@@ -0,0 +1,134 @@
+{
+  "Query Metadata": {
+    "prefix": "querymetadata",
+    "body": [
+      "/**",
+      " * @name $1",
+      " * @description $2",
+      " * @kind $3",
+      " * @id $4",
+      " * @tags $5",
+      " */"
+    ],
+    "description": "Metadata for a query"
+  },
+  "Class": {
+    "prefix": "class",
+    "body": ["class $1 extends $2 {", "\t$0", "}"],
+    "description": "A class"
+  },
+  "From/Where/Select": {
+    "prefix": "from",
+    "body": ["from $1", "where $2", "select $3"],
+    "description": "A from/where/select statement"
+  },
+  "Predicate": {
+    "prefix": "predicate",
+    "body": ["predicate $1($2) {", "\t$0", "}"],
+    "description": "A predicate"
+  },
+  "Dataflow Tracking Class": {
+    "prefix": "dataflowtracking",
+    "body": [
+      "class $1 extends DataFlow::Configuration {",
+      "\t$1() { this = \"$1\" }",
+      "\t",
+      "\toverride predicate isSource(DataFlow::Node node) {",
+      "\t\t${2:none()}",
+      "\t}",
+      "\t",
+      "\toverride predicate isSink(DataFlow::Node node) {",
+      "\t\t${3:none()}",
+      "\t}",
+      "}"
+    ],
+    "description": "Boilerplate for a dataflow tracking class"
+  },
+  "Taint Tracking Class": {
+    "prefix": "tainttracking",
+    "body": [
+      "class $1 extends TaintTracking::Configuration {",
+      "\t$1() { this = \"$1\" }",
+      "\t",
+      "\toverride predicate isSource(DataFlow::Node node) {",
+      "\t\t${2:none()}",
+      "\t}",
+      "\t",
+      "\toverride predicate isSink(DataFlow::Node node) {",
+      "\t\t${3:none()}",
+      "\t}",
+      "}"
+    ],
+    "description": "Boilerplate for a taint tracking class"
+  },
+  "Count": {
+    "prefix": "count",
+    "body": ["count($1 | $2 | $3)"],
+    "description": "A count aggregate"
+  },
+  "Max": {
+    "prefix": "max",
+    "body": ["max($1 | $2 | $3)"],
+    "description": "A max aggregate"
+  },
+  "Min": {
+    "prefix": "min",
+    "body": ["min($1 | $2 | $3)"],
+    "description": "A min aggregate"
+  },
+  "Average": {
+    "prefix": "avg",
+    "body": ["avg($1 | $2 | $3)"],
+    "description": "An average aggregate"
+  },
+  "Sum": {
+    "prefix": "sum",
+    "body": ["sum($1 | $2 | $3)"],
+    "description": "A sum aggregate"
+  },
+  "Concatenation": {
+    "prefix": "concat",
+    "body": ["concat($1 | $2 | $3)"],
+    "description": "A concatenation aggregate"
+  },
+  "Rank": {
+    "prefix": "rank",
+    "body": ["rank[$1]($2 | $3 | $4)"],
+    "description": "A rank aggregate"
+  },
+  "Strict Sum": {
+    "prefix": "strictsum",
+    "body": ["strictsum($1 | $2 | $3)"],
+    "description": "A strict sum aggregate"
+  },
+  "Strict Concatenation": {
+    "prefix": "strictconcat",
+    "body": ["strictconcat($1 | $2 | $3)"],
+    "description": "A strict concatenation aggregate"
+  },
+  "Strict Count": {
+    "prefix": "strictcount",
+    "body": ["strictcount($1 | $2 | $3)"],
+    "description": "A strict count aggregate"
+  },
+  "Unique": {
+    "prefix": "unique",
+    "body": ["unique($1 | $2 | $3)"],
+    "description": "A unique aggregate"
+  },
+  "Exists": {
+    "prefix": "exists",
+    "body": ["exists($1 | $2 | $3)"],
+    "description": "An exists quantifier"
+  },
+  "For All": {
+    "prefix": "forall",
+    "body": ["forall($1 | $2 | $3)"],
+    "description": "A for all quantifier"
+  },
+  "For All and Exists": {
+    "prefix": "forex",
+    "body": ["forex($1 | $2 | $3)"],
+    "description": "A for all and exists quantifier"
+  }
+}

extensions/ql-vscode/src/archive-filesystem-provider.ts

@@ -51,7 +51,10 @@ export type Entry = File | Directory;
  */
 export type DirectoryHierarchyMap = Map<string, Map<string, vscode.FileType>>;
 
-export type ZipFileReference = { sourceArchiveZipPath: string, pathWithinSourceArchive: string };
+export type ZipFileReference = {
+  sourceArchiveZipPath: string;
+  pathWithinSourceArchive: string;
+};
 
 /** Encodes a reference to a source file within a zipped source archive into a single URI. */
 export function encodeSourceArchiveUri(ref: ZipFileReference): vscode.Uri {
@@ -81,13 +84,26 @@ export function encodeSourceArchiveUri(ref: ZipFileReference): vscode.Uri {
   // This lets us separate the paths, ignoring the leading slash if we added one.
   const sourceArchiveZipPathEndIndex = sourceArchiveZipPathStartIndex + sourceArchiveZipPath.length;
   const authority = `${sourceArchiveZipPathStartIndex}-${sourceArchiveZipPathEndIndex}`;
-  return vscode.Uri.parse(zipArchiveScheme + ':/').with({
+  return vscode.Uri.parse(zipArchiveScheme + ':/', true).with({
     path: encodedPath,
     authority,
   });
 }
 
-const sourceArchiveUriAuthorityPattern = /^(\d+)\-(\d+)$/;
+/**
+ * Convenience method to create a codeql-zip-archive with a path to the root
+ * archive
+ *
+ * @param pathToArchive the filesystem path to the root of the archive
+ */
+export function encodeArchiveBasePath(sourceArchiveZipPath: string) {
+  return encodeSourceArchiveUri({
+    sourceArchiveZipPath,
+    pathWithinSourceArchive: ''
+  });
+}
+
+const sourceArchiveUriAuthorityPattern = /^(\d+)-(\d+)$/;
 
 class InvalidSourceArchiveUriError extends Error {
   constructor(uri: vscode.Uri) {
@@ -97,6 +113,14 @@ class InvalidSourceArchiveUriError extends Error {
 
 /** Decodes an encoded source archive URI into its corresponding paths. Inverse of `encodeSourceArchiveUri`. */
 export function decodeSourceArchiveUri(uri: vscode.Uri): ZipFileReference {
+  if (!uri.authority) {
+    // Uri is malformed, but this is recoverable
+    void logger.log(`Warning: ${new InvalidSourceArchiveUriError(uri).message}`);
+    return {
+      pathWithinSourceArchive: '/',
+      sourceArchiveZipPath: uri.path
+    };
+  }
   const match = sourceArchiveUriAuthorityPattern.exec(uri.authority);
   if (match === null)
     throw new InvalidSourceArchiveUriError(uri);
@@ -105,7 +129,7 @@ export function decodeSourceArchiveUri(uri: vscode.Uri): ZipFileReference {
   if (isNaN(zipPathStartIndex) || isNaN(zipPathEndIndex))
     throw new InvalidSourceArchiveUriError(uri);
   return {
-    pathWithinSourceArchive: uri.path.substring(zipPathEndIndex),
+    pathWithinSourceArchive: uri.path.substring(zipPathEndIndex) || '/',
     sourceArchiveZipPath: uri.path.substring(zipPathStartIndex, zipPathEndIndex),
   };
 }
@@ -117,7 +141,7 @@ function ensureFile(map: DirectoryHierarchyMap, file: string) {
   const dirname = path.dirname(file);
   if (dirname === '.') {
     const error = `Ill-formed path ${file} in zip archive (expected absolute path)`;
-    logger.log(error);
+    void logger.log(error);
     throw new Error(error);
   }
   ensureDir(map, dirname);
@@ -139,8 +163,8 @@ function ensureDir(map: DirectoryHierarchyMap, dir: string) {
 }
 
 type Archive = {
-  unzipped: unzipper.CentralDirectory,
-  dirMap: DirectoryHierarchyMap,
+  unzipped: unzipper.CentralDirectory;
+  dirMap: DirectoryHierarchyMap;
 };
 
 export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
@@ -163,14 +187,14 @@ export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
   // metadata
 
   async stat(uri: vscode.Uri): Promise<vscode.FileStat> {
-    return await this._lookup(uri, false);
+    return await this._lookup(uri);
   }
 
   async readDirectory(uri: vscode.Uri): Promise<[string, vscode.FileType][]> {
     const ref = decodeSourceArchiveUri(uri);
     const archive = await this.getArchive(ref.sourceArchiveZipPath);
-    let contents = archive.dirMap.get(ref.pathWithinSourceArchive);
-    const result = contents === undefined ? [] : Array.from(contents.entries());
+    const contents = archive.dirMap.get(ref.pathWithinSourceArchive);
+    const result = contents === undefined ? undefined : Array.from(contents.entries());
     if (result === undefined) {
       throw vscode.FileSystemError.FileNotFound(uri);
     }
@@ -180,7 +204,7 @@ export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
   // file contents
 
   async readFile(uri: vscode.Uri): Promise<Uint8Array> {
-    const data = (await this._lookupAsFile(uri, false)).data;
+    const data = (await this._lookupAsFile(uri)).data;
     if (data) {
       return data;
     }
@@ -189,25 +213,25 @@ export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
 
   // write operations, all disabled
 
-  writeFile(uri: vscode.Uri, content: Uint8Array, options: { create: boolean, overwrite: boolean }): void {
+  writeFile(_uri: vscode.Uri, _content: Uint8Array, _options: { create: boolean; overwrite: boolean }): void {
     throw this.readOnlyError;
   }
 
-  rename(oldUri: vscode.Uri, newUri: vscode.Uri, options: { overwrite: boolean }): void {
+  rename(_oldUri: vscode.Uri, _newUri: vscode.Uri, _options: { overwrite: boolean }): void {
     throw this.readOnlyError;
   }
 
-  delete(uri: vscode.Uri): void {
+  delete(_uri: vscode.Uri): void {
     throw this.readOnlyError;
   }
 
-  createDirectory(uri: vscode.Uri): void {
+  createDirectory(_uri: vscode.Uri): void {
     throw this.readOnlyError;
   }
 
   // content lookup
 
-  private async _lookup(uri: vscode.Uri, silent: boolean): Promise<Entry> {
+  private async _lookup(uri: vscode.Uri): Promise<Entry> {
     const ref = decodeSourceArchiveUri(uri);
     const archive = await this.getArchive(ref.sourceArchiveZipPath);
 
@@ -235,11 +259,11 @@ export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
     if (archive.dirMap.has(reqPath)) {
       return new Directory(reqPath);
     }
-    throw vscode.FileSystemError.FileNotFound(uri);
+    throw vscode.FileSystemError.FileNotFound(`uri '${uri.toString()}', interpreted as '${reqPath}' in archive '${ref.sourceArchiveZipPath}'`);
   }
 
-  private async _lookupAsFile(uri: vscode.Uri, silent: boolean): Promise<File> {
-    let entry = await this._lookup(uri, silent);
+  private async _lookupAsFile(uri: vscode.Uri): Promise<File> {
+    const entry = await this._lookup(uri);
     if (entry instanceof File) {
       return entry;
     }
@@ -254,7 +278,7 @@ export class ArchiveFileSystemProvider implements vscode.FileSystemProvider {
 
   watch(_resource: vscode.Uri): vscode.Disposable {
     // ignore, fires for all changes...
-    return new vscode.Disposable(() => { });
+    return new vscode.Disposable(() => { /**/ });
   }
 }
 

extensions/ql-vscode/src/astViewer.ts

@@ -0,0 +1,204 @@
+import {
+  window,
+  TreeDataProvider,
+  EventEmitter,
+  Event,
+  ProviderResult,
+  TreeItemCollapsibleState,
+  TreeItem,
+  TreeView,
+  TextEditorSelectionChangeEvent,
+  TextEditorSelectionChangeKind,
+  Location,
+  Range
+} from 'vscode';
+import * as path from 'path';
+
+import { DatabaseItem } from './databases';
+import { UrlValue, BqrsId } from './pure/bqrs-cli-types';
+import { showLocation } from './interface-utils';
+import { isStringLoc, isWholeFileLoc, isLineColumnLoc } from './pure/bqrs-utils';
+import { commandRunner } from './commandRunner';
+import { DisposableObject } from './pure/disposable-object';
+import { showAndLogErrorMessage } from './helpers';
+
+export interface AstItem {
+  id: BqrsId;
+  label?: string;
+  location?: UrlValue;
+  fileLocation?: Location;
+  children: ChildAstItem[];
+  order: number;
+}
+
+export interface ChildAstItem extends AstItem {
+  parent: ChildAstItem | AstItem;
+}
+
+class AstViewerDataProvider extends DisposableObject implements TreeDataProvider<AstItem> {
+
+  public roots: AstItem[] = [];
+  public db: DatabaseItem | undefined;
+
+  private _onDidChangeTreeData =
+    this.push(new EventEmitter<AstItem | undefined>());
+  readonly onDidChangeTreeData: Event<AstItem | undefined> =
+    this._onDidChangeTreeData.event;
+
+  constructor() {
+    super();
+    this.push(
+      commandRunner('codeQLAstViewer.gotoCode',
+        async (item: AstItem) => {
+          await showLocation(item.fileLocation);
+        })
+    );
+  }
+
+  refresh(): void {
+    this._onDidChangeTreeData.fire(undefined);
+  }
+  getChildren(item?: AstItem): ProviderResult<AstItem[]> {
+    const children = item ? item.children : this.roots;
+    return children.sort((c1, c2) => (c1.order - c2.order));
+  }
+
+  getParent(item: ChildAstItem): ProviderResult<AstItem> {
+    return item.parent;
+  }
+
+  getTreeItem(item: AstItem): TreeItem {
+    const line = this.extractLineInfo(item?.location);
+
+    const state = item.children.length
+      ? TreeItemCollapsibleState.Collapsed
+      : TreeItemCollapsibleState.None;
+    const treeItem = new TreeItem(item.label || '', state);
+    treeItem.description = line ? `Line ${line}` : '';
+    treeItem.id = String(item.id);
+    treeItem.tooltip = `${treeItem.description} ${treeItem.label}`;
+    treeItem.command = {
+      command: 'codeQLAstViewer.gotoCode',
+      title: 'Go To Code',
+      tooltip: `Go To ${item.location}`,
+      arguments: [item]
+    };
+    return treeItem;
+  }
+
+  private extractLineInfo(loc?: UrlValue) {
+    if (!loc) {
+      return '';
+    } else if (isStringLoc(loc)) {
+      return loc;
+    } else if (isWholeFileLoc(loc)) {
+      return loc.uri;
+    } else if (isLineColumnLoc(loc)) {
+      return loc.startLine;
+    } else {
+      return '';
+    }
+  }
+}
+
+export class AstViewer extends DisposableObject {
+  private treeView: TreeView<AstItem>;
+  private treeDataProvider: AstViewerDataProvider;
+  private currentFile: string | undefined;
+
+  constructor() {
+    super();
+
+    this.treeDataProvider = new AstViewerDataProvider();
+    this.treeView = window.createTreeView('codeQLAstViewer', {
+      treeDataProvider: this.treeDataProvider,
+      showCollapseAll: true
+    });
+
+    this.push(this.treeView);
+    this.push(this.treeDataProvider);
+    this.push(
+      commandRunner('codeQLAstViewer.clear', async () => {
+        this.clear();
+      })
+    );
+    this.push(window.onDidChangeTextEditorSelection(this.updateTreeSelection, this));
+  }
+
+  updateRoots(roots: AstItem[], db: DatabaseItem, fileName: string) {
+    this.treeDataProvider.roots = roots;
+    this.treeDataProvider.db = db;
+    this.treeDataProvider.refresh();
+    this.treeView.message = `AST for ${path.basename(fileName)}`;
+    this.currentFile = fileName;
+    // Handle error on reveal. This could happen if
+    // the tree view is disposed during the reveal.
+    this.treeView.reveal(roots[0], { focus: false })?.then(
+      () => { /**/ },
+      err => showAndLogErrorMessage(err)
+    );
+  }
+
+  private updateTreeSelection(e: TextEditorSelectionChangeEvent) {
+    function isInside(selectedRange: Range, astRange?: Range): boolean {
+      return !!astRange?.contains(selectedRange);
+    }
+
+    // Recursively iterate all children until we find the node with the smallest
+    // range that contains the selection.
+    // Some nodes do not have a location, but their children might, so must
+    // recurse though location-less AST nodes to see if children are correct.
+    function findBest(selectedRange: Range, items?: AstItem[]): AstItem | undefined {
+      if (!items || !items.length) {
+        return;
+      }
+      for (const item of items) {
+        let candidate: AstItem | undefined = undefined;
+        if (isInside(selectedRange, item.fileLocation?.range)) {
+          candidate = item;
+        }
+        // always iterate through children since the location of an AST node in code QL does not
+        // always cover the complete text of the node.
+        candidate = findBest(selectedRange, item.children) || candidate;
+        if (candidate) {
+          return candidate;
+        }
+      }
+      return;
+    }
+
+    // Avoid recursive tree-source code updates.
+    if (e.kind === TextEditorSelectionChangeKind.Command) {
+      return;
+    }
+
+    if (
+      this.treeView.visible &&
+      e.textEditor.document.uri.fsPath === this.currentFile &&
+      e.selections.length === 1
+    ) {
+      const selection = e.selections[0];
+      const range = selection.anchor.isBefore(selection.active)
+        ? new Range(selection.anchor, selection.active)
+        : new Range(selection.active, selection.anchor);
+
+      const targetItem = findBest(range, this.treeDataProvider.roots);
+      if (targetItem) {
+        // Handle error on reveal. This could happen if
+        // the tree view is disposed during the reveal.
+        this.treeView.reveal(targetItem)?.then(
+          () => { /**/ },
+          err => showAndLogErrorMessage(err)
+        );
+      }
+    }
+  }
+
+  private clear() {
+    this.treeDataProvider.roots = [];
+    this.treeDataProvider.db = undefined;
+    this.treeDataProvider.refresh();
+    this.treeView.message = undefined;
+    this.currentFile = undefined;
+  }
+}

extensions/ql-vscode/src/authentication.ts

@@ -0,0 +1,62 @@
+import * as vscode from 'vscode';
+import * as Octokit from '@octokit/rest';
+
+const GITHUB_AUTH_PROVIDER_ID = 'github';
+
+// 'repo' scope should be enough for triggering workflows. For a comprehensive list, see:
+// https://docs.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps
+const SCOPES = ['repo'];
+
+/** 
+ * Handles authentication to GitHub, using the VS Code [authentication API](https://code.visualstudio.com/api/references/vscode-api#authentication).
+ */
+export class Credentials {
+  private octokit: Octokit.Octokit | undefined;
+
+  // Explicitly make the constructor private, so that we can't accidentally call the constructor from outside the class
+  // without also initializing the class.
+  // eslint-disable-next-line @typescript-eslint/no-empty-function
+  private constructor() { }
+
+  static async initialize(context: vscode.ExtensionContext): Promise<Credentials> {
+    const c = new Credentials();
+    c.registerListeners(context);
+    c.octokit = await c.createOctokit(false);
+    return c;
+  }
+
+  private async createOctokit(createIfNone: boolean): Promise<Octokit.Octokit | undefined> {
+    const session = await vscode.authentication.getSession(GITHUB_AUTH_PROVIDER_ID, SCOPES, { createIfNone });
+
+    if (session) {
+      return new Octokit.Octokit({
+        auth: session.accessToken
+      });
+    } else {
+      return undefined;
+    }
+  }
+
+  registerListeners(context: vscode.ExtensionContext): void {
+    // Sessions are changed when a user logs in or logs out.
+    context.subscriptions.push(vscode.authentication.onDidChangeSessions(async e => {
+      if (e.provider.id === GITHUB_AUTH_PROVIDER_ID) {
+        this.octokit = await this.createOctokit(false);
+      }
+    }));
+  }
+
+  async getOctokit(): Promise<Octokit.Octokit> {
+    if (this.octokit) {
+      return this.octokit;
+    }
+
+    this.octokit = await this.createOctokit(true);
+    // octokit shouldn't be undefined, since we've set "createIfNone: true".
+    // The following block is mainly here to prevent a compiler error.
+    if (!this.octokit) {
+      throw new Error('Did not initialize Octokit.');
+    }
+    return this.octokit;
+  }
+}

extensions/ql-vscode/src/cli-version.ts

@@ -1,96 +1,24 @@
-import { runCodeQlCliCommand } from "./cli";
-import { Logger } from "./logging";
+import * as semver from 'semver';
+import { runCodeQlCliCommand } from './cli';
+import { Logger } from './logging';
 
 /**
  * Get the version of a CodeQL CLI.
  */
-export async function getCodeQlCliVersion(codeQlPath: string, logger: Logger): Promise<Version | undefined> {
-  const output: string = await runCodeQlCliCommand(
-    codeQlPath,
-    ["version"],
-    ["--format=terse"],
-    "Checking CodeQL version",
-    logger
-  );
-  return tryParseVersionString(output.trim());
-}
-
-/**
- * Try to parse a version string, returning undefined if we can't parse it.
- * 
- * Version strings must contain a major, minor, and patch version.  They may optionally
- * start with "v" and may optionally contain some "tail" string after the major, minor, and
- * patch versions, for example as in `v2.1.0+baf5bff`.
- */
-export function tryParseVersionString(versionString: string): Version | undefined {
-  const match = versionString.match(versionRegex);
-  if (match === null) {
+export async function getCodeQlCliVersion(codeQlPath: string, logger: Logger): Promise<semver.SemVer | undefined> {
+  try {
+    const output: string = await runCodeQlCliCommand(
+      codeQlPath,
+      ['version'],
+      ['--format=terse'],
+      'Checking CodeQL version',
+      logger
+    );
+    return semver.parse(output.trim()) || undefined;
+  } catch (e) {
+    // Failed to run the version command. This might happen if the cli version is _really_ old, or it is corrupted.
+    // Either way, we can't determine compatibility.
+    void logger.log(`Failed to run 'codeql version'. Reason: ${e.message}`);
     return undefined;
   }
-  return {
-    buildMetadata: match[5],
-    majorVersion: Number.parseInt(match[1], 10),
-    minorVersion: Number.parseInt(match[2], 10),
-    patchVersion: Number.parseInt(match[3], 10),
-    prereleaseVersion: match[4],
-    rawString: versionString,
-  }
-}
-
-/**
- * Regex for parsing semantic versions
- * 
- * From the semver spec https://semver.org/#is-there-a-suggested-regular-expression-regex-to-check-a-semver-string
- */
-const versionRegex = new RegExp(String.raw`^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)` +
-  String.raw`(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?` +
-  String.raw`(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$`);
-
-/**
- * A version of the CodeQL CLI.
- */
-export interface Version {
-  /**
-   * Build metadata
-   * 
-   * For example, this will be `abcdef0` for version 2.1.0-alpha.1+abcdef0.
-   * Build metadata must be ignored when comparing versions. 
-   */
-  buildMetadata: string | undefined;
-
-  /**
-   * Major version number
-   * 
-   * For example, this will be `2` for version 2.1.0-alpha.1+abcdef0.
-   */
-  majorVersion: number;
-
-  /**
-   * Minor version number
-   * 
-   * For example, this will be `1` for version 2.1.0-alpha.1+abcdef0.
-   */
-  minorVersion: number;
-
-  /**
-   * Patch version number
-   * 
-   * For example, this will be `0` for version 2.1.0-alpha.1+abcdef0.
-   */
-  patchVersion: number;
-
-  /**
-   * Prerelease version
-   * 
-   * For example, this will be `alpha.1` for version 2.1.0-alpha.1+abcdef0.
-   * The prerelease version must be considered when comparing versions.
-   */
-  prereleaseVersion: string | undefined;
-
-  /**
-   * Raw version string
-   * 
-   * For example, this will be `2.1.0-alpha.1+abcdef0` for version 2.1.0-alpha.1+abcdef0.
-   */
-  rawString: string;
 }

extensions/ql-vscode/src/commandRunner.ts

@@ -0,0 +1,241 @@
+import {
+  CancellationToken,
+  ProgressOptions,
+  window as Window,
+  commands,
+  Disposable,
+  ProgressLocation
+} from 'vscode';
+import { showAndLogErrorMessage, showAndLogWarningMessage } from './helpers';
+import { logger } from './logging';
+import { telemetryListener } from './telemetry';
+
+export class UserCancellationException extends Error {
+  /**
+   * @param message The error message
+   * @param silent If silent is true, then this exception will avoid showing a warning message to the user.
+   */
+  constructor(message?: string, public readonly silent = false) {
+    super(message);
+  }
+}
+
+export interface ProgressUpdate {
+  /**
+   * The current step
+   */
+  step: number;
+  /**
+   * The maximum step. This *should* be constant for a single job.
+   */
+  maxStep: number;
+  /**
+   * The current progress message
+   */
+  message: string;
+}
+
+export type ProgressCallback = (p: ProgressUpdate) => void;
+
+/**
+ * A task that handles command invocations from `commandRunner`
+ * and includes a progress monitor.
+ *
+ *
+ * Arguments passed to the command handler are passed along,
+ * untouched to this `ProgressTask` instance.
+ *
+ * @param progress a progress handler function. Call this
+ * function with a `ProgressUpdate` instance in order to
+ * denote some progress being achieved on this task.
+ * @param token a cencellation token
+ * @param args arguments passed to this task passed on from
+ * `commands.registerCommand`.
+ */
+export type ProgressTask<R> = (
+  progress: ProgressCallback,
+  token: CancellationToken,
+  ...args: any[]
+) => Thenable<R>;
+
+/**
+ * A task that handles command invocations from `commandRunner`.
+ * Arguments passed to the command handler are passed along,
+ * untouched to this `NoProgressTask` instance.
+ *
+ * @param args arguments passed to this task passed on from
+ * `commands.registerCommand`.
+ */
+type NoProgressTask = ((...args: any[]) => Promise<any>);
+
+/**
+ * This mediates between the kind of progress callbacks we want to
+ * write (where we *set* current progress position and give
+ * `maxSteps`) and the kind vscode progress api expects us to write
+ * (which increment progress by a certain amount out of 100%).
+ *
+ * Where possible, the `commandRunner` function below should be used
+ * instead of this function. The commandRunner is meant for wrapping
+ * top-level commands and provides error handling and other support
+ * automatically.
+ *
+ * Only use this function if you need a progress monitor and the
+ * control flow does not always come from a command (eg- during
+ * extension activation, or from an internal language server
+ * request).
+ */
+export function withProgress<R>(
+  options: ProgressOptions,
+  task: ProgressTask<R>,
+  ...args: any[]
+): Thenable<R> {
+  let progressAchieved = 0;
+  return Window.withProgress(options,
+    (progress, token) => {
+      return task(p => {
+        const { message, step, maxStep } = p;
+        const increment = 100 * (step - progressAchieved) / maxStep;
+        progressAchieved = step;
+        progress.report({ message, increment });
+      }, token, ...args);
+    });
+}
+
+/**
+ * A generic wrapper for command registration. This wrapper adds uniform error handling for commands.
+ *
+ * In this variant of the command runner, no progress monitor is used.
+ *
+ * @param commandId The ID of the command to register.
+ * @param task The task to run. It is passed directly to `commands.registerCommand`. Any
+ * arguments to the command handler are passed on to the task.
+ */
+export function commandRunner(
+  commandId: string,
+  task: NoProgressTask,
+): Disposable {
+  return commands.registerCommand(commandId, async (...args: any[]) => {
+    const startTime = Date.now();
+    let error: Error | undefined;
+
+    try {
+      return await task(...args);
+    } catch (e) {
+      error = e;
+      const errorMessage = `${e.message || e} (${commandId})`;
+      if (e instanceof UserCancellationException) {
+        // User has cancelled this action manually
+        if (e.silent) {
+          void logger.log(errorMessage);
+        } else {
+          void showAndLogWarningMessage(errorMessage);
+        }
+      } else {
+        // Include the full stack in the error log only.
+        const fullMessage = e.stack
+          ? `${errorMessage}\n${e.stack}`
+          : errorMessage;
+        void showAndLogErrorMessage(errorMessage, {
+          fullMessage
+        });
+      }
+      return undefined;
+    } finally {
+      const executionTime = Date.now() - startTime;
+      telemetryListener.sendCommandUsage(commandId, executionTime, error);
+    }
+  });
+}
+
+/**
+ * A generic wrapper for command registration.  This wrapper adds uniform error handling,
+ * progress monitoring, and cancellation for commands.
+ *
+ * @param commandId The ID of the command to register.
+ * @param task The task to run. It is passed directly to `commands.registerCommand`. Any
+ * arguments to the command handler are passed on to the task after the progress callback
+ * and cancellation token.
+ * @param progressOptions Progress options to be sent to the progress monitor.
+ */
+export function commandRunnerWithProgress<R>(
+  commandId: string,
+  task: ProgressTask<R>,
+  progressOptions: Partial<ProgressOptions>
+): Disposable {
+  return commands.registerCommand(commandId, async (...args: any[]) => {
+    const startTime = Date.now();
+    let error: Error | undefined;
+    const progressOptionsWithDefaults = {
+      location: ProgressLocation.Notification,
+      ...progressOptions
+    };
+    try {
+      return await withProgress(progressOptionsWithDefaults, task, ...args);
+    } catch (e) {
+      error = e;
+      const errorMessage = `${e.message || e} (${commandId})`;
+      if (e instanceof UserCancellationException) {
+        // User has cancelled this action manually
+        if (e.silent) {
+          void logger.log(errorMessage);
+        } else {
+          void showAndLogWarningMessage(errorMessage);
+        }
+      } else {
+        // Include the full stack in the error log only.
+        const fullMessage = e.stack
+          ? `${errorMessage}\n${e.stack}`
+          : errorMessage;
+        void showAndLogErrorMessage(errorMessage, {
+          fullMessage
+        });
+      }
+      return undefined;
+    } finally {
+      const executionTime = Date.now() - startTime;
+      telemetryListener.sendCommandUsage(commandId, executionTime, error);
+    }
+  });
+}
+
+/**
+ * Displays a progress monitor that indicates how much progess has been made
+ * reading from a stream.
+ *
+ * @param readable The stream to read progress from
+ * @param messagePrefix A prefix for displaying the message
+ * @param totalNumBytes Total number of bytes in this stream
+ * @param progress The progress callback used to set messages
+ */
+export function reportStreamProgress(
+  readable: NodeJS.ReadableStream,
+  messagePrefix: string,
+  totalNumBytes?: number,
+  progress?: ProgressCallback
+) {
+  if (progress && totalNumBytes) {
+    let numBytesDownloaded = 0;
+    const bytesToDisplayMB = (numBytes: number): string => `${(numBytes / (1024 * 1024)).toFixed(1)} MB`;
+    const updateProgress = () => {
+      progress({
+        step: numBytesDownloaded,
+        maxStep: totalNumBytes,
+        message: `${messagePrefix} [${bytesToDisplayMB(numBytesDownloaded)} of ${bytesToDisplayMB(totalNumBytes)}]`,
+      });
+    };
+
+    // Display the progress straight away rather than waiting for the first chunk.
+    updateProgress();
+
+    readable.on('data', data => {
+      numBytesDownloaded += data.length;
+      updateProgress();
+    });
+  } else if (progress) {
+    progress({
+      step: 1,
+      maxStep: 2,
+      message: `${messagePrefix} (Size unknown)`,
+    });
+  }
+}

extensions/ql-vscode/src/compare/compare-interface.ts

@@ -0,0 +1,277 @@
+import { DisposableObject } from '../pure/disposable-object';
+import {
+  WebviewPanel,
+  ExtensionContext,
+  window as Window,
+  ViewColumn,
+  Uri,
+} from 'vscode';
+import * as path from 'path';
+
+import { tmpDir } from '../run-queries';
+import { CompletedQuery } from '../query-results';
+import {
+  FromCompareViewMessage,
+  ToCompareViewMessage,
+  QueryCompareResult,
+} from '../pure/interface-types';
+import { Logger } from '../logging';
+import { CodeQLCliServer } from '../cli';
+import { DatabaseManager } from '../databases';
+import { getHtmlForWebview, jumpToLocation } from '../interface-utils';
+import { transformBqrsResultSet, RawResultSet, BQRSInfo } from '../pure/bqrs-cli-types';
+import resultsDiff from './resultsDiff';
+
+interface ComparePair {
+  from: CompletedQuery;
+  to: CompletedQuery;
+}
+
+export class CompareInterfaceManager extends DisposableObject {
+  private comparePair: ComparePair | undefined;
+  private panel: WebviewPanel | undefined;
+  private panelLoaded = false;
+  private panelLoadedCallBacks: (() => void)[] = [];
+
+  constructor(
+    private ctx: ExtensionContext,
+    private databaseManager: DatabaseManager,
+    private cliServer: CodeQLCliServer,
+    private logger: Logger,
+    private showQueryResultsCallback: (
+      item: CompletedQuery
+    ) => Promise<void>
+  ) {
+    super();
+  }
+
+  async showResults(
+    from: CompletedQuery,
+    to: CompletedQuery,
+    selectedResultSetName?: string
+  ) {
+    this.comparePair = { from, to };
+    this.getPanel().reveal(undefined, true);
+
+    await this.waitForPanelLoaded();
+    const [
+      commonResultSetNames,
+      currentResultSetName,
+      fromResultSet,
+      toResultSet,
+    ] = await this.findCommonResultSetNames(
+      from,
+      to,
+      selectedResultSetName
+    );
+    if (currentResultSetName) {
+      let rows: QueryCompareResult | undefined;
+      let message: string | undefined;
+      try {
+        rows = this.compareResults(fromResultSet, toResultSet);
+      } catch (e) {
+        message = e.message;
+      }
+
+      await this.postMessage({
+        t: 'setComparisons',
+        stats: {
+          fromQuery: {
+            // since we split the description into several rows
+            // only run interpolation if the label is user-defined
+            // otherwise we will wind up with duplicated rows
+            name: from.options.label
+              ? from.interpolate(from.getLabel())
+              : from.queryName,
+            status: from.statusString,
+            time: from.time,
+          },
+          toQuery: {
+            name: to.options.label
+              ? to.interpolate(to.getLabel())
+              : to.queryName,
+            status: to.statusString,
+            time: to.time,
+          },
+        },
+        columns: fromResultSet.schema.columns,
+        commonResultSetNames,
+        currentResultSetName: currentResultSetName,
+        rows,
+        message,
+        datebaseUri: to.database.databaseUri,
+      });
+    }
+  }
+
+  getPanel(): WebviewPanel {
+    if (this.panel == undefined) {
+      const { ctx } = this;
+      const panel = (this.panel = Window.createWebviewPanel(
+        'compareView',
+        'Compare CodeQL Query Results',
+        { viewColumn: ViewColumn.Active, preserveFocus: true },
+        {
+          enableScripts: true,
+          enableFindWidget: true,
+          retainContextWhenHidden: true,
+          localResourceRoots: [
+            Uri.file(tmpDir.name),
+            Uri.file(path.join(this.ctx.extensionPath, 'out')),
+          ],
+        }
+      ));
+      this.panel.onDidDispose(
+        () => {
+          this.panel = undefined;
+          this.comparePair = undefined;
+        },
+        null,
+        ctx.subscriptions
+      );
+
+      const scriptPathOnDisk = Uri.file(
+        ctx.asAbsolutePath('out/compareView.js')
+      );
+
+      const stylesheetPathOnDisk = Uri.file(
+        ctx.asAbsolutePath('out/resultsView.css')
+      );
+
+      panel.webview.html = getHtmlForWebview(
+        panel.webview,
+        scriptPathOnDisk,
+        stylesheetPathOnDisk
+      );
+      panel.webview.onDidReceiveMessage(
+        async (e) => this.handleMsgFromView(e),
+        undefined,
+        ctx.subscriptions
+      );
+    }
+    return this.panel;
+  }
+
+  private waitForPanelLoaded(): Promise<void> {
+    return new Promise((resolve) => {
+      if (this.panelLoaded) {
+        resolve();
+      } else {
+        this.panelLoadedCallBacks.push(resolve);
+      }
+    });
+  }
+
+  private async handleMsgFromView(
+    msg: FromCompareViewMessage
+  ): Promise<void> {
+    switch (msg.t) {
+      case 'compareViewLoaded':
+        this.panelLoaded = true;
+        this.panelLoadedCallBacks.forEach((cb) => cb());
+        this.panelLoadedCallBacks = [];
+        break;
+
+      case 'changeCompare':
+        await this.changeTable(msg.newResultSetName);
+        break;
+
+      case 'viewSourceFile':
+        await jumpToLocation(msg, this.databaseManager, this.logger);
+        break;
+
+      case 'openQuery':
+        await this.openQuery(msg.kind);
+        break;
+    }
+  }
+
+  private postMessage(msg: ToCompareViewMessage): Thenable<boolean> {
+    return this.getPanel().webview.postMessage(msg);
+  }
+
+  private async findCommonResultSetNames(
+    from: CompletedQuery,
+    to: CompletedQuery,
+    selectedResultSetName: string | undefined
+  ): Promise<[string[], string, RawResultSet, RawResultSet]> {
+    const fromSchemas = await this.cliServer.bqrsInfo(
+      from.query.resultsPaths.resultsPath
+    );
+    const toSchemas = await this.cliServer.bqrsInfo(
+      to.query.resultsPaths.resultsPath
+    );
+    const fromSchemaNames = fromSchemas['result-sets'].map(
+      (schema) => schema.name
+    );
+    const toSchemaNames = toSchemas['result-sets'].map(
+      (schema) => schema.name
+    );
+    const commonResultSetNames = fromSchemaNames.filter((name) =>
+      toSchemaNames.includes(name)
+    );
+    const currentResultSetName =
+      selectedResultSetName || commonResultSetNames[0];
+    const fromResultSet = await this.getResultSet(
+      fromSchemas,
+      currentResultSetName,
+      from.query.resultsPaths.resultsPath
+    );
+    const toResultSet = await this.getResultSet(
+      toSchemas,
+      currentResultSetName,
+      to.query.resultsPaths.resultsPath
+    );
+    return [
+      commonResultSetNames,
+      currentResultSetName,
+      fromResultSet,
+      toResultSet,
+    ];
+  }
+
+  private async changeTable(newResultSetName: string) {
+    if (!this.comparePair?.from || !this.comparePair.to) {
+      return;
+    }
+    await this.showResults(
+      this.comparePair.from,
+      this.comparePair.to,
+      newResultSetName
+    );
+  }
+
+  private async getResultSet(
+    bqrsInfo: BQRSInfo,
+    resultSetName: string,
+    resultsPath: string
+  ): Promise<RawResultSet> {
+    const schema = bqrsInfo['result-sets'].find(
+      (schema) => schema.name === resultSetName
+    );
+    if (!schema) {
+      throw new Error(`Schema ${resultSetName} not found.`);
+    }
+    const chunk = await this.cliServer.bqrsDecode(
+      resultsPath,
+      resultSetName
+    );
+    return transformBqrsResultSet(schema, chunk);
+  }
+
+  private compareResults(
+    fromResults: RawResultSet,
+    toResults: RawResultSet
+  ): QueryCompareResult {
+    // Only compare columns that have the same name
+    return resultsDiff(fromResults, toResults);
+  }
+
+  private async openQuery(kind: 'from' | 'to') {
+    const toOpen =
+      kind === 'from' ? this.comparePair?.from : this.comparePair?.to;
+    if (toOpen) {
+      await this.showQueryResultsCallback(toOpen);
+    }
+  }
+}

extensions/ql-vscode/src/compare/resultsDiff.ts

@@ -0,0 +1,58 @@
+import { RawResultSet } from '../pure/bqrs-cli-types';
+import { QueryCompareResult } from '../pure/interface-types';
+
+/**
+ * Compare the rows of two queries. Use deep equality to determine if
+ * rows have been added or removed across two invocations of a query.
+ *
+ * Assumptions:
+ *
+ * 1. Queries have the same sort order
+ * 2. Queries have same number and order of columns
+ * 3. Rows are not changed or re-ordered, they are only added or removed
+ *
+ * @param fromResults the source query
+ * @param toResults the target query
+ *
+ * @throws Error when:
+ *  1. number of columns do not match
+ *  2. If either query is empty
+ *  3. If the queries are 100% disjoint
+ */
+export default function resultsDiff(
+  fromResults: RawResultSet,
+  toResults: RawResultSet
+): QueryCompareResult {
+
+  if (fromResults.schema.columns.length !== toResults.schema.columns.length) {
+    throw new Error('CodeQL Compare: Columns do not match.');
+  }
+
+  if (!fromResults.rows.length) {
+    throw new Error('CodeQL Compare: Source query has no results.');
+  }
+
+  if (!toResults.rows.length) {
+    throw new Error('CodeQL Compare: Target query has no results.');
+  }
+
+  const results = {
+    from: arrayDiff(fromResults.rows, toResults.rows),
+    to: arrayDiff(toResults.rows, fromResults.rows),
+  };
+
+  if (
+    fromResults.rows.length === results.from.length &&
+    toResults.rows.length === results.to.length
+  ) {
+    throw new Error('CodeQL Compare: No overlap between the selected queries.');
+  }
+
+  return results;
+}
+
+function arrayDiff<T>(source: readonly T[], toRemove: readonly T[]): T[] {
+  // Stringify the object so that we can compare hashes in the set
+  const rest = new Set(toRemove.map((item) => JSON.stringify(item)));
+  return source.filter((element) => !rest.has(JSON.stringify(element)));
+}

extensions/ql-vscode/src/compare/view/.eslintrc.js

@@ -0,0 +1,13 @@
+module.exports = {
+  env: {
+    browser: true
+  },
+  extends: [
+    "plugin:react/recommended"
+  ],
+  settings: {
+    react: {
+      version: 'detect'
+    }
+  }
+}

extensions/ql-vscode/src/compare/view/Compare.tsx

@@ -0,0 +1,84 @@
+import * as React from 'react';
+import { useState, useEffect } from 'react';
+import * as Rdom from 'react-dom';
+
+import {
+  ToCompareViewMessage,
+  SetComparisonsMessage,
+} from '../../pure/interface-types';
+import CompareSelector from './CompareSelector';
+import { vscode } from '../../view/vscode-api';
+import CompareTable from './CompareTable';
+
+const emptyComparison: SetComparisonsMessage = {
+  t: 'setComparisons',
+  stats: {},
+  rows: undefined,
+  columns: [],
+  commonResultSetNames: [],
+  currentResultSetName: '',
+  datebaseUri: '',
+  message: 'Empty comparison'
+};
+
+export function Compare(_: Record<string, never>): JSX.Element {
+  const [comparison, setComparison] = useState<SetComparisonsMessage>(
+    emptyComparison
+  );
+
+  const message = comparison.message || 'Empty comparison';
+  const hasRows = comparison.rows && (comparison.rows.to.length || comparison.rows.from.length);
+
+  useEffect(() => {
+    window.addEventListener('message', (evt: MessageEvent) => {
+      if (evt.origin === window.origin) {
+        const msg: ToCompareViewMessage = evt.data;
+        switch (msg.t) {
+          case 'setComparisons':
+            setComparison(msg);
+        }
+      } else {
+        // sanitize origin
+        const origin = evt.origin.replace(/\n|\r/g, '');
+        console.error(`Invalid event origin ${origin}`);
+      }
+    });
+  });
+  if (!comparison) {
+    return <div>Waiting for results to load.</div>;
+  }
+
+  try {
+    return (
+      <>
+        <div className="vscode-codeql__compare-header">
+          <div className="vscode-codeql__compare-header-item">
+            Table to compare:
+          </div>
+          <CompareSelector
+            availableResultSets={comparison.commonResultSetNames}
+            currentResultSetName={comparison.currentResultSetName}
+            updateResultSet={(newResultSetName: string) =>
+              vscode.postMessage({ t: 'changeCompare', newResultSetName })
+            }
+          />
+        </div>
+        {hasRows ? (
+          <CompareTable comparison={comparison}></CompareTable>
+        ) : (
+          <div className="vscode-codeql__compare-message">{message}</div>
+        )}
+      </>
+    );
+  } catch (err) {
+    console.error(err);
+    return <div>Error!</div>;
+  }
+}
+
+Rdom.render(
+  <Compare />,
+  document.getElementById('root'),
+  // Post a message to the extension when fully loaded.
+  () => vscode.postMessage({ t: 'compareViewLoaded' })
+);

extensions/ql-vscode/src/compare/view/CompareSelector.tsx

@@ -0,0 +1,22 @@
+import * as React from 'react';
+
+interface Props {
+  availableResultSets: string[];
+  currentResultSetName: string;
+  updateResultSet: (newResultSet: string) => void;
+}
+
+export default function CompareSelector(props: Props) {
+  return (
+    <select
+      value={props.currentResultSetName}
+      onChange={(e) => props.updateResultSet(e.target.value)}
+    >
+      {props.availableResultSets.map((resultSet) => (
+        <option key={resultSet} value={resultSet}>
+          {resultSet}
+        </option>
+      ))}
+    </select>
+  );
+}

extensions/ql-vscode/src/compare/view/CompareTable.tsx

@@ -0,0 +1,96 @@
+import * as React from 'react';
+
+import { SetComparisonsMessage } from '../../pure/interface-types';
+import RawTableHeader from '../../view/RawTableHeader';
+import { className } from '../../view/result-table-utils';
+import { ResultRow } from '../../pure/bqrs-cli-types';
+import RawTableRow from '../../view/RawTableRow';
+import { vscode } from '../../view/vscode-api';
+
+interface Props {
+  comparison: SetComparisonsMessage;
+}
+
+export default function CompareTable(props: Props) {
+  const comparison = props.comparison;
+  const rows = props.comparison.rows!;
+
+  async function openQuery(kind: 'from' | 'to') {
+    vscode.postMessage({
+      t: 'openQuery',
+      kind,
+    });
+  }
+
+  function createRows(rows: ResultRow[], databaseUri: string) {
+    return (
+      <tbody>
+        {rows.map((row, rowIndex) => (
+          <RawTableRow
+            key={rowIndex}
+            rowIndex={rowIndex}
+            row={row}
+            databaseUri={databaseUri}
+          />
+        ))}
+      </tbody>
+    );
+  }
+
+  return (
+    <table className='vscode-codeql__compare-body'>
+      <thead>
+        <tr>
+          <td>
+            <a
+              onClick={() => openQuery('from')}
+              className='vscode-codeql__compare-open'
+            >
+              {comparison.stats.fromQuery?.name}
+            </a>
+          </td>
+          <td>
+            <a
+              onClick={() => openQuery('to')}
+              className='vscode-codeql__compare-open'
+            >
+              {comparison.stats.toQuery?.name}
+            </a>
+          </td>
+        </tr>
+        <tr>
+          <td>{comparison.stats.fromQuery?.time}</td>
+          <td>{comparison.stats.toQuery?.time}</td>
+        </tr>
+        <tr>
+          <th>{rows.from.length} rows removed</th>
+          <th>{rows.to.length} rows added</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr>
+          <td>
+            <table className={className}>
+              <RawTableHeader
+                columns={comparison.columns}
+                schemaName={comparison.currentResultSetName}
+                preventSort={true}
+              />
+              {createRows(rows.from, comparison.datebaseUri)}
+            </table>
+          </td>
+          <td>
+            <table className={className}>
+              <RawTableHeader
+                columns={comparison.columns}
+                schemaName={comparison.currentResultSetName}
+                preventSort={true}
+              />
+              {createRows(rows.to, comparison.datebaseUri)}
+            </table>
+          </td>
+        </tr>
+      </tbody>
+    </table>
+  );
+}

extensions/ql-vscode/src/compare/view/tsconfig.json

@@ -0,0 +1,23 @@
+{
+  "compilerOptions": {
+    "module": "esnext",
+    "moduleResolution": "node",
+    "target": "es6",
+    "outDir": "out",
+    "lib": [
+      "es6",
+      "dom"
+    ],
+    "jsx": "react",
+    "sourceMap": true,
+    "rootDir": "..",
+    "strict": true,
+    "noUnusedLocals": true,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": true,
+    "experimentalDecorators": true
+  },
+  "exclude": [
+    "node_modules"
+  ]
+}

extensions/ql-vscode/src/config.ts

@@ -1,10 +1,10 @@
-import { DisposableObject } from 'semmle-vscode-utils';
-import { workspace, Event, EventEmitter, ConfigurationChangeEvent } from 'vscode';
+import { DisposableObject } from './pure/disposable-object';
+import { workspace, Event, EventEmitter, ConfigurationChangeEvent, ConfigurationTarget } from 'vscode';
 import { DistributionManager } from './distribution';
 import { logger } from './logging';
 
 /** Helper class to look up a labelled (and possibly nested) setting. */
-class Setting {
+export class Setting {
   name: string;
   parent?: Setting;
 
@@ -27,50 +27,104 @@ class Setting {
     }
     return workspace.getConfiguration(this.parent.qualifiedName).get<T>(this.name)!;
   }
+
+  updateValue<T>(value: T, target: ConfigurationTarget): Thenable<void> {
+    if (this.parent === undefined) {
+      throw new Error('Cannot update the value of a root setting.');
+    }
+    return workspace.getConfiguration(this.parent.qualifiedName).update(this.name, value, target);
+  }
+
 }
 
 const ROOT_SETTING = new Setting('codeQL');
 
-// Distribution configuration
+// Global configuration
+const TELEMETRY_SETTING = new Setting('telemetry', ROOT_SETTING);
+const AST_VIEWER_SETTING = new Setting('astViewer', ROOT_SETTING);
+const GLOBAL_TELEMETRY_SETTING = new Setting('telemetry');
 
+export const LOG_TELEMETRY = new Setting('logTelemetry', TELEMETRY_SETTING);
+export const ENABLE_TELEMETRY = new Setting('enableTelemetry', TELEMETRY_SETTING);
+
+export const GLOBAL_ENABLE_TELEMETRY = new Setting('enableTelemetry', GLOBAL_TELEMETRY_SETTING);
+
+// Distribution configuration
 const DISTRIBUTION_SETTING = new Setting('cli', ROOT_SETTING);
-const CUSTOM_CODEQL_PATH_SETTING = new Setting('executablePath', DISTRIBUTION_SETTING);
+export const CUSTOM_CODEQL_PATH_SETTING = new Setting('executablePath', DISTRIBUTION_SETTING);
 const INCLUDE_PRERELEASE_SETTING = new Setting('includePrerelease', DISTRIBUTION_SETTING);
 const PERSONAL_ACCESS_TOKEN_SETTING = new Setting('personalAccessToken', DISTRIBUTION_SETTING);
+const QUERY_HISTORY_SETTING = new Setting('queryHistory', ROOT_SETTING);
+const QUERY_HISTORY_FORMAT_SETTING = new Setting('format', QUERY_HISTORY_SETTING);
 
 /** When these settings change, the distribution should be updated. */
 const DISTRIBUTION_CHANGE_SETTINGS = [CUSTOM_CODEQL_PATH_SETTING, INCLUDE_PRERELEASE_SETTING, PERSONAL_ACCESS_TOKEN_SETTING];
 
 export interface DistributionConfig {
-  customCodeQlPath?: string;
+  readonly customCodeQlPath?: string;
+  updateCustomCodeQlPath: (newPath: string | undefined) => Promise<void>;
   includePrerelease: boolean;
   personalAccessToken?: string;
   ownerName?: string;
   repositoryName?: string;
-  onDidChangeDistributionConfiguration?: Event<void>;
+  onDidChangeConfiguration?: Event<void>;
 }
 
 // Query server configuration
 
 const RUNNING_QUERIES_SETTING = new Setting('runningQueries', ROOT_SETTING);
 const NUMBER_OF_THREADS_SETTING = new Setting('numberOfThreads', RUNNING_QUERIES_SETTING);
+const SAVE_CACHE_SETTING = new Setting('saveCache', RUNNING_QUERIES_SETTING);
+const CACHE_SIZE_SETTING = new Setting('cacheSize', RUNNING_QUERIES_SETTING);
 const TIMEOUT_SETTING = new Setting('timeout', RUNNING_QUERIES_SETTING);
 const MEMORY_SETTING = new Setting('memory', RUNNING_QUERIES_SETTING);
 const DEBUG_SETTING = new Setting('debug', RUNNING_QUERIES_SETTING);
+const MAX_PATHS = new Setting('maxPaths', RUNNING_QUERIES_SETTING);
+const RUNNING_TESTS_SETTING = new Setting('runningTests', ROOT_SETTING);
+const RESULTS_DISPLAY_SETTING = new Setting('resultsDisplay', ROOT_SETTING);
+
+export const ADDITIONAL_TEST_ARGUMENTS_SETTING = new Setting('additionalTestArguments', RUNNING_TESTS_SETTING);
+export const NUMBER_OF_TEST_THREADS_SETTING = new Setting('numberOfThreads', RUNNING_TESTS_SETTING);
+export const MAX_QUERIES = new Setting('maxQueries', RUNNING_QUERIES_SETTING);
+export const AUTOSAVE_SETTING = new Setting('autoSave', RUNNING_QUERIES_SETTING);
+export const PAGE_SIZE = new Setting('pageSize', RESULTS_DISPLAY_SETTING);
+const CUSTOM_LOG_DIRECTORY_SETTING = new Setting('customLogDirectory', RUNNING_QUERIES_SETTING);
 
 /** When these settings change, the running query server should be restarted. */
-const QUERY_SERVER_RESTARTING_SETTINGS = [NUMBER_OF_THREADS_SETTING, MEMORY_SETTING, DEBUG_SETTING];
+const QUERY_SERVER_RESTARTING_SETTINGS = [NUMBER_OF_THREADS_SETTING, SAVE_CACHE_SETTING, CACHE_SIZE_SETTING, MEMORY_SETTING, DEBUG_SETTING, CUSTOM_LOG_DIRECTORY_SETTING];
 
 export interface QueryServerConfig {
-  codeQlPath: string,
-  debug: boolean,
-  numThreads: number,
-  queryMemoryMb?: number,
-  timeoutSecs: number,
-  onDidChangeQueryServerConfiguration?: Event<void>;
+  codeQlPath: string;
+  debug: boolean;
+  numThreads: number;
+  saveCache: boolean;
+  cacheSize: number;
+  queryMemoryMb?: number;
+  timeoutSecs: number;
+  customLogDirectory?: string;
+  onDidChangeConfiguration?: Event<void>;
 }
 
-abstract class ConfigListener extends DisposableObject {
+/** When these settings change, the query history should be refreshed. */
+const QUERY_HISTORY_SETTINGS = [QUERY_HISTORY_FORMAT_SETTING];
+
+export interface QueryHistoryConfig {
+  format: string;
+  onDidChangeConfiguration: Event<void>;
+}
+
+const CLI_SETTINGS = [ADDITIONAL_TEST_ARGUMENTS_SETTING, NUMBER_OF_TEST_THREADS_SETTING, NUMBER_OF_THREADS_SETTING, MAX_PATHS];
+
+export interface CliConfig {
+  additionalTestArguments: string[];
+  numberTestThreads: number;
+  numberThreads: number;
+  maxPaths: number;
+  onDidChangeConfiguration?: Event<void>;
+}
+
+
+export abstract class ConfigListener extends DisposableObject {
   protected readonly _onDidChangeConfiguration = this.push(new EventEmitter<void>());
 
   constructor() {
@@ -95,13 +149,17 @@ abstract class ConfigListener extends DisposableObject {
 
   protected abstract handleDidChangeConfiguration(e: ConfigurationChangeEvent): void;
   private updateConfiguration(): void {
-    this._onDidChangeConfiguration.fire();
+    this._onDidChangeConfiguration.fire(undefined);
+  }
+
+  public get onDidChangeConfiguration(): Event<void> {
+    return this._onDidChangeConfiguration.event;
   }
 }
 
 export class DistributionConfigListener extends ConfigListener implements DistributionConfig {
   public get customCodeQlPath(): string | undefined {
-    return CUSTOM_CODEQL_PATH_SETTING.getValue() ? CUSTOM_CODEQL_PATH_SETTING.getValue() : undefined;
+    return CUSTOM_CODEQL_PATH_SETTING.getValue() || undefined;
   }
 
   public get includePrerelease(): boolean {
@@ -109,11 +167,11 @@ export class DistributionConfigListener extends ConfigListener implements Distri
   }
 
   public get personalAccessToken(): string | undefined {
-    return PERSONAL_ACCESS_TOKEN_SETTING.getValue() ? PERSONAL_ACCESS_TOKEN_SETTING.getValue() : undefined;
+    return PERSONAL_ACCESS_TOKEN_SETTING.getValue() || undefined;
   }
 
-  public get onDidChangeDistributionConfiguration(): Event<void> {
-    return this._onDidChangeConfiguration.event;
+  public async updateCustomCodeQlPath(newPath: string | undefined) {
+    await CUSTOM_CODEQL_PATH_SETTING.updateValue(newPath, ConfigurationTarget.Global);
   }
 
   protected handleDidChangeConfiguration(e: ConfigurationChangeEvent): void {
@@ -122,7 +180,7 @@ export class DistributionConfigListener extends ConfigListener implements Distri
 }
 
 export class QueryServerConfigListener extends ConfigListener implements QueryServerConfig {
-  private constructor(private _codeQlPath: string) {
+  public constructor(private _codeQlPath = '') {
     super();
   }
 
@@ -133,7 +191,7 @@ export class QueryServerConfigListener extends ConfigListener implements QuerySe
       config.push(distributionManager.onDidChangeDistribution(async () => {
         const codeQlPath = await distributionManager.getCodeQlPathWithoutVersionCheck();
         config._codeQlPath = codeQlPath!;
-        config._onDidChangeConfiguration.fire();
+        config._onDidChangeConfiguration.fire(undefined);
       }));
     }
     return config;
@@ -143,10 +201,22 @@ export class QueryServerConfigListener extends ConfigListener implements QuerySe
     return this._codeQlPath;
   }
 
+  public get customLogDirectory(): string | undefined {
+    return CUSTOM_LOG_DIRECTORY_SETTING.getValue<string>() || undefined;
+  }
+
   public get numThreads(): number {
     return NUMBER_OF_THREADS_SETTING.getValue<number>();
   }
 
+  public get saveCache(): boolean {
+    return SAVE_CACHE_SETTING.getValue<boolean>();
+  }
+
+  public get cacheSize(): number {
+    return CACHE_SIZE_SETTING.getValue<number | null>() || 0;
+  }
+
   /** Gets the configured query timeout, in seconds. This looks up the setting at the time of access. */
   public get timeoutSecs(): number {
     return TIMEOUT_SETTING.getValue<number | null>() || 0;
@@ -158,7 +228,7 @@ export class QueryServerConfigListener extends ConfigListener implements QuerySe
       return undefined;
     }
     if (memory == 0 || typeof (memory) !== 'number') {
-      logger.log(`Ignoring value '${memory}' for setting ${MEMORY_SETTING.qualifiedName}`);
+      void logger.log(`Ignoring value '${memory}' for setting ${MEMORY_SETTING.qualifiedName}`);
       return undefined;
     }
     return memory;
@@ -168,11 +238,94 @@ export class QueryServerConfigListener extends ConfigListener implements QuerySe
     return DEBUG_SETTING.getValue<boolean>();
   }
 
-  public get onDidChangeQueryServerConfiguration(): Event<void> {
-    return this._onDidChangeConfiguration.event;
-  }
-
   protected handleDidChangeConfiguration(e: ConfigurationChangeEvent): void {
     this.handleDidChangeConfigurationForRelevantSettings(QUERY_SERVER_RESTARTING_SETTINGS, e);
   }
 }
+
+export class QueryHistoryConfigListener extends ConfigListener implements QueryHistoryConfig {
+  protected handleDidChangeConfiguration(e: ConfigurationChangeEvent): void {
+    this.handleDidChangeConfigurationForRelevantSettings(QUERY_HISTORY_SETTINGS, e);
+  }
+
+  public get format(): string {
+    return QUERY_HISTORY_FORMAT_SETTING.getValue<string>();
+  }
+}
+
+export class CliConfigListener extends ConfigListener implements CliConfig {
+  public get additionalTestArguments(): string[] {
+    return ADDITIONAL_TEST_ARGUMENTS_SETTING.getValue();
+  }
+
+  public get numberTestThreads(): number {
+    return NUMBER_OF_TEST_THREADS_SETTING.getValue();
+  }
+
+  public get numberThreads(): number {
+    return NUMBER_OF_THREADS_SETTING.getValue<number>();
+  }
+
+  public get maxPaths(): number {
+    return MAX_PATHS.getValue<number>();
+  }
+
+  protected handleDidChangeConfiguration(e: ConfigurationChangeEvent): void {
+    this.handleDidChangeConfigurationForRelevantSettings(CLI_SETTINGS, e);
+  }
+}
+
+// Enable experimental features
+
+/**
+ * Any settings below are deliberately not in package.json so that
+ * they do not appear in the settings ui in vscode itself. If users
+ * want to enable experimental features, they can add them directly in
+ * their vscode settings json file.
+ */
+
+/**
+ * Enables canary features of this extension. Recommended for all internal users.
+ */
+export const CANARY_FEATURES = new Setting('canary', ROOT_SETTING);
+
+export function isCanary() {
+  return !!CANARY_FEATURES.getValue<boolean>();
+}
+
+/**
+ * Avoids caching in the AST viewer if the user is also a canary user.
+ */
+export const NO_CACHE_AST_VIEWER = new Setting('disableCache', AST_VIEWER_SETTING);
+
+// Settings for remote queries
+const REMOTE_QUERIES_SETTING = new Setting('remoteQueries', ROOT_SETTING);
+
+/**
+ * Lists of GitHub repositories that you want to query remotely via the "Run Remote query" command.
+ * Note: This command is only available for internal users.
+ * 
+ * This setting should be a JSON object where each key is a user-specified name (string),
+ * and the value is an array of GitHub repositories (of the form `<owner>/<repo>`).
+ */
+const REMOTE_REPO_LISTS = new Setting('repositoryLists', REMOTE_QUERIES_SETTING);
+
+export function getRemoteRepositoryLists(): Record<string, string[]> | undefined {
+  return REMOTE_REPO_LISTS.getValue<Record<string, string[]>>() || undefined;
+}
+
+/**
+ * The name of the "controller" repository that you want to use with the "Run Remote query" command.
+ * Note: This command is only available for internal users.
+ *
+ * This setting should be a GitHub repository of the form `<owner>/<repo>`.
+ */
+const REMOTE_CONTROLLER_REPO = new Setting('controllerRepo', REMOTE_QUERIES_SETTING);
+
+export function getRemoteControllerRepo(): string | undefined {
+  return REMOTE_CONTROLLER_REPO.getValue<string>() || undefined;
+}
+
+export async function setRemoteControllerRepo(repo: string | undefined) {
+  await REMOTE_CONTROLLER_REPO.updateValue(repo, ConfigurationTarget.Global);
+}

extensions/ql-vscode/src/contextual/astBuilder.ts

@@ -0,0 +1,147 @@
+import { QueryWithResults } from '../run-queries';
+import { CodeQLCliServer } from '../cli';
+import { DecodedBqrsChunk, BqrsId, EntityValue } from '../pure/bqrs-cli-types';
+import { DatabaseItem } from '../databases';
+import { ChildAstItem, AstItem } from '../astViewer';
+import fileRangeFromURI from './fileRangeFromURI';
+
+/**
+ * A class that wraps a tree of QL results from a query that
+ * has an @kind of graph
+ */
+export default class AstBuilder {
+
+  private roots: AstItem[] | undefined;
+  private bqrsPath: string;
+  constructor(
+    queryResults: QueryWithResults,
+    private cli: CodeQLCliServer,
+    public db: DatabaseItem,
+    public fileName: string
+  ) {
+    this.bqrsPath = queryResults.query.resultsPaths.resultsPath;
+  }
+
+  async getRoots(): Promise<AstItem[]> {
+    if (!this.roots) {
+      this.roots = await this.parseRoots();
+    }
+    return this.roots;
+  }
+
+  private async parseRoots(): Promise<AstItem[]> {
+    const options = { entities: ['id', 'url', 'string'] };
+    const [nodeTuples, edgeTuples, graphProperties] = await Promise.all([
+      await this.cli.bqrsDecode(this.bqrsPath, 'nodes', options),
+      await this.cli.bqrsDecode(this.bqrsPath, 'edges', options),
+      await this.cli.bqrsDecode(this.bqrsPath, 'graphProperties', options),
+    ]);
+
+    if (!this.isValidGraph(graphProperties)) {
+      throw new Error('AST is invalid');
+    }
+
+    const idToItem = new Map<BqrsId, AstItem>();
+    const parentToChildren = new Map<BqrsId, BqrsId[]>();
+    const childToParent = new Map<BqrsId, BqrsId>();
+    const astOrder = new Map<BqrsId, number>();
+    const edgeLabels = new Map<BqrsId, string>();
+    const roots = [];
+
+    // Build up the parent-child relationships
+    edgeTuples.tuples.forEach(tuple => {
+      const [source, target, tupleType, value] = tuple as [EntityValue, EntityValue, string, string];
+      const sourceId = source.id!;
+      const targetId = target.id!;
+
+      switch (tupleType) {
+        case 'semmle.order':
+          astOrder.set(targetId, Number(value));
+          break;
+
+        case 'semmle.label': {
+          childToParent.set(targetId, sourceId);
+          let children = parentToChildren.get(sourceId);
+          if (!children) {
+            parentToChildren.set(sourceId, children = []);
+          }
+          children.push(targetId);
+
+          // ignore values that indicate a numeric order.
+          if (!Number.isFinite(Number(value))) {
+            edgeLabels.set(targetId, value);
+          }
+          break;
+        }
+
+        default:
+        // ignore other tupleTypes since they are not needed by the ast viewer
+      }
+    });
+
+    // populate parents and children
+    nodeTuples.tuples.forEach(tuple => {
+      const [entity, tupleType, value] = tuple as [EntityValue, string, string];
+      const id = entity.id!;
+
+      switch (tupleType) {
+        case 'semmle.order':
+          astOrder.set(id, Number(value));
+          break;
+
+        case 'semmle.label': {
+          // If an edge label exists, include it and separate from the node label using ':'
+          const nodeLabel = value ?? entity.label;
+          const edgeLabel = edgeLabels.get(id);
+          const label = [edgeLabel, nodeLabel].filter(e => e).join(': ');
+          const item = {
+            id,
+            label,
+            location: entity.url,
+            fileLocation: fileRangeFromURI(entity.url, this.db),
+            children: [] as ChildAstItem[],
+            order: Number.MAX_SAFE_INTEGER
+          };
+
+          idToItem.set(id, item);
+          const parent = idToItem.get(childToParent.has(id) ? childToParent.get(id)! : -1);
+
+          if (parent) {
+            const astItem = item as ChildAstItem;
+            astItem.parent = parent;
+            parent.children.push(astItem);
+          }
+          const children = parentToChildren.has(id) ? parentToChildren.get(id)! : [];
+          children.forEach(childId => {
+            const child = idToItem.get(childId) as ChildAstItem | undefined;
+            if (child) {
+              child.parent = item;
+              item.children.push(child);
+            }
+          });
+          break;
+        }
+
+        default:
+        // ignore other tupleTypes since they are not needed by the ast viewer
+      }
+    });
+
+    // find the roots and add the order
+    for (const [, item] of idToItem) {
+      item.order = astOrder.has(item.id)
+        ? astOrder.get(item.id)!
+        : Number.MAX_SAFE_INTEGER;
+
+      if (!('parent' in item)) {
+        roots.push(item);
+      }
+    }
+    return roots;
+  }
+
+  private isValidGraph(graphProperties: DecodedBqrsChunk) {
+    const tuple = graphProperties?.tuples?.find(t => t[0] === 'semmle.graphKind');
+    return tuple?.[1] === 'tree';
+  }
+}