eaa26e5ef7
This commit adds the AST Viewer for viewing the QL AST of a file in a database. The different components are as follows: 1. There is a new view `codeQLAstViewer`, which displays the AST 2. This view is backed by the `AstViewerDataProvider` and `AstViewer` classes in astView.ts 3. To generate an AST, we use contextual queries, similar to how Find references/declarations are implemented. In particular, in `definitions.ts` there is `TemplatePrintAstProvider` which provides an AST for a given source buffer. - Similar to the other queries, we first determine which database the buffer belongs to. - Based on that, we generate a synthetic qlpack and run the templatized `printAst.ql` query - We plug in the archive-relative path name of the source file. - After the query is run, we wrap the results in an `AstBuilder` instance. - When requested, the `AstBuilder` will generate the full AST of the file from the BQRS results. - The AST roots (all top-level elements, functions, variable declarations, etc, are roots) are passed to the `AstViewer` instance, which handles the display lifecycle and other VS Code-specific functions. There are a few unrelated pieces here, which can be pulled out to another PR if required: - The `codeQLQueryHistory` view now has a _welcome_ message to make it more obvious to users how to start. - `definitions.ts` is moved to the `contextual` subfolder. - `fileRangeFromURI` is extracted from `definitions.ts` to its own file so it can be reused. Also, note that this relies on https://github.com/github/codeql/pull/3931 for the C/C++ query to be available in the QL sources. Other languages will need similar queries.
CodeQL for Visual Studio Code
This project is an extension for Visual Studio Code that adds rich language support for CodeQL. It's used to find problems in code bases using CodeQL. It's written primarily in TypeScript.
The extension is released. You can download it from the Visual Studio Marketplace.
To see what has changed in the last few versions of the extension, see the Changelog.
Features
- Enables you to use CodeQL to query databases and discover problems in codebases.
- Shows the flow of data through the results of path queries, which is essential for triaging security results.
- Provides an easy way to run queries from the large, open source repository of CodeQL security queries.
- Adds IntelliSense to support you writing and editing your own CodeQL query and library files.
Project goals and scope
This project will track new feature development in CodeQL and, whenever appropriate, bring that functionality to the Visual Studio Code experience.
Contributing
This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.
License
The CodeQL extension for Visual Studio Code is licensed under the MIT License. The version of CodeQL used by the CodeQL extension is subject to the CodeQL Research Terms & Conditions.
When using the GitHub logos, be sure to follow the GitHub logo guidelines.