c0187a5650
This adds a new filtering on SARIF code snippets for very large code snippets (defined as 8MB or more). If less than 1% of such a snippet is highlighted, it will not include the code snippet in the analysed results, and it will thus not be shown in the UI. This is to avoid very large SARIF files that can cause the extension host to crash when the analysis results are send to the UI. I don't think any of these snippets would ever be useful to show, so it should be fine to just not include them.
CodeQL for Visual Studio Code
This project is an extension for Visual Studio Code that adds rich language support for CodeQL. It's used to find problems in code bases using CodeQL. It's written primarily in TypeScript.
The extension is released. You can download it from the Visual Studio Marketplace.
To see what has changed in the last few versions of the extension, see the Changelog.
Features
- Enables you to use CodeQL to query databases and discover problems in codebases.
- Shows the flow of data through the results of path queries, which is essential for triaging security results.
- Provides an easy way to run queries from the large, open source repository of CodeQL security queries.
- Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
Project goals and scope
This project will track new feature development in CodeQL and, whenever appropriate, bring that functionality to the Visual Studio Code experience.
Contributing
This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.
License
The CodeQL extension for Visual Studio Code is licensed under the MIT License. The version of CodeQL used by the CodeQL extension is subject to the CodeQL Research Terms & Conditions.
When using the GitHub logos, be sure to follow the GitHub logo guidelines.