6e4124115f
After some testing of the wizard with a single rooted workspace
(`github/code-scanning`) we discovered a general VSCode extension
bug whereby after we download a database, we don't select it.
This isn't an issue in the wizard, but it does affect us as it means
we'll generate the QL pack, download the db for you but then you won't
know that we haven't selected your database.
So let's make sure our flow works for this case by explicitly selecting
the database once it's downloaded.
We've noticed by testing that we need to set the current database item
before we call `addDatabaseSourceArchiveFolder()`. Once that method is
called, the call to `setCurrentDatabaseItem()` is ignored.
We've had to make some changes to the openDatabase() method to select
a database item by default, since most places where we call `openDatabase()`
also immediately select the item.
There is one exception [1] in the test-runner.ts file, where we set the
current database item under special conditions.
For this reason, we've made the behaviour configurable and tried to add
some descriptive naming to the params so that it's easy to understand
what the config is doing.
[1]: 4170e7f7a7/extensions/ql-vscode/src/test-runner.ts (L120-L124)
CodeQL for Visual Studio Code
This project is an extension for Visual Studio Code that adds rich language support for CodeQL. It's used to find problems in code bases using CodeQL. It's written primarily in TypeScript.
The extension is released. You can download it from the Visual Studio Marketplace.
To see what has changed in the last few versions of the extension, see the Changelog.
Features
- Enables you to use CodeQL to query databases and discover problems in codebases.
- Shows the flow of data through the results of path queries, which is essential for triaging security results.
- Provides an easy way to run queries from the large, open source repository of CodeQL security queries.
- Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
- Supports you running CodeQL queries against thousands of repositories on GitHub using multi-repository variant analysis.
Project goals and scope
This project will track new feature development in CodeQL and, whenever appropriate, bring that functionality to the Visual Studio Code experience.
Dependencies
This extension depends on the following two extensions for required functionality. They will be installed automatically when you install VS Code CodeQL.
Contributing
This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.
License
The CodeQL extension for Visual Studio Code is licensed under the MIT License. The version of CodeQL used by the CodeQL extension is subject to the CodeQL Research Terms & Conditions.
When using the GitHub logos, be sure to follow the GitHub logo guidelines.