You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/codeql-overview/codeql-tools.rst
+9-10Lines changed: 9 additions & 10 deletions
Original file line number
Diff line number
Diff line change
@@ -5,17 +5,16 @@
5
5
CodeQL tools
6
6
============
7
7
8
-
GitHub provides the CodeQL command-line interface and CodeQL for Visual Studio
9
-
Code for performing CodeQL analysis on open source codebases.
8
+
GitHub provides the CodeQL command-line interface and CodeQL for Visual Studio Code for performing CodeQL analysis on open source codebases. For information on the use cases for each tool, see ":ref:`Running CodeQL queries <running-codeql-queries>`."
10
9
11
10
CodeQL command-line interface
12
11
-----------------------------
13
12
14
-
The CodeQL command-line interface (CLI) is primarily used to create databases for
15
-
security research. You can also query CodeQL databases directly from the command line
13
+
The CodeQL command-line interface (CLI) is primarily used to create databases for
14
+
security research. You can also query CodeQL databases directly from the command line
16
15
or using the Visual Studio Code extension.
17
-
The CodeQL CLI can be downloaded from `GitHub releases <https://github.com/github/codeql-cli-binaries/releases>`__.
18
-
For more information, see "`CodeQL CLI <https://docs.github.com/en/code-security/codeql-cli>`__" and the `CLI changelog <https://github.com/github/codeql-cli-binaries/blob/main/CHANGELOG.md>`__.
16
+
The CodeQL CLI can be downloaded from "`GitHub releases <https://github.com/github/codeql-cli-binaries/releases>`__."
17
+
For more information, see "`CodeQL CLI <https://docs.github.com/en/code-security/codeql-cli>`__" and the ":ref:`Change log <codeql-changes>`."
For more information, see "`About CodeQL packs <https://docs.github.com/en/code-security/codeql-cli/codeql-cli-reference/about-codeql-packs>`__."
43
44
44
45
CodeQL bundle
45
46
-----------------------------
46
47
47
-
The CodeQL bundle consists of the CodeQL CLI together with the standard CodeQL query and library packs
48
-
maintained by GitHub. The bundle can be downloaded from `GitHub releases <https://github.com/github/codeql-action/releases>`__.
49
-
Use this when running `code scanning with CodeQL <https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql>`__ on GitHub Actions or in another CI system.
48
+
The CodeQL bundle consists of the CodeQL CLI together with the standard CodeQL query and library packs maintained by GitHub. The bundle is used by the CodeQL action in GitHub to generate code scanning results. If you use an external CI system, you can download the bundle from `GitHub releases <https://github.com/github/codeql-action/releases>`__, generate code scanning results, and upload them to GitHub.
50
49
51
50
CodeQL for Visual Studio Code
52
51
-----------------------------
53
52
54
53
You can analyze CodeQL databases in Visual Studio Code using the CodeQL
55
54
extension, which provides an enhanced environment for writing and running custom
56
55
queries and viewing the results. For more information, see "`CodeQL
57
-
for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/>`__."
56
+
for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/>`__."
Copy file name to clipboardExpand all lines: docs/codeql/writing-codeql-queries/index.rst
+3Lines changed: 3 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -9,8 +9,11 @@ Get to know more about queries and learn some key query-writing skills by solvin
9
9
10
10
- :ref:`QL tutorials <ql-tutorials>`: Solve puzzles to learn the basics of QL before you analyze code with CodeQL. The tutorials teach you how to write queries and introduce you to key logic concepts along the way.
11
11
12
+
- :ref:`Running CodeQL queries <running-codeql-queries>`: Guide to running queries as you try out the tutorials and start to develop your own queries.
There are several options available for running one or more CodeQL queries on a codebase. The best option depends on what your aims are.
9
+
10
+
Work through a CodeQL tutorial
11
+
------------------------------
12
+
13
+
If you're working through a CodeQL tutorial, the CodeQL extension for Visual Studio Code makes it easy to run the queries in the tutorial. Unless you want to run the query on a specific code base, it's easiest to run queries on one of the many CodeQL databases that are available on GitHub. To get started, see "`Installing CodeQL for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/installing-codeql-for-vs-code>`__".
14
+
15
+
Develop a new CodeQL query
16
+
--------------------------
17
+
18
+
If you're developing a new query, the CodeQL extension for Visual Studio Code makes it easy to run a query and compare the results with previous runs as you refine the query. The extension also provides autocomplete suggestions, syntax highlighting, and other features that make it easier to write and debug queries. To get started, see "`Installing CodeQL for Visual Studio Code <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/installing-codeql-for-vs-code>`__".
19
+
20
+
When you're ready to test the query on a wide range of codebases, you can choose from the pre-defined sets of CodeQL databases or define a custom group of codebases to run the query against. For more information, see "`Running CodeQL queries at scale with multi-repository variant analysis <https://docs.github.com/en/code-security/codeql-for-vs-code/getting-started-with-codeql-for-vs-code/running-codeql-queries-at-scale-with-multi-repository-variant-analysis>`__".
21
+
22
+
Run your query against a specific codebase
23
+
-------------------------------------------
24
+
25
+
If the codebase that you want to run your query against doesn't have a CodeQL database, you can create one using the CodeQL CLI. For more information, see "`Setting up the CodeQL CLI <https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/setting-up-the-codeql-cli>`__" and "`Preparing your code for CodeQL analysis <https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis>`__".
26
+
27
+
Once you have created a CodeQL database, you can make the database available to the CodeQL extension in Visual Studio Code, or run the query using the CodeQL CLI. For more information, see "`Analyzing your code with CodeQL queries <https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries>`__".
28
+
29
+
Run the standard CodeQL queries
30
+
-------------------------------
31
+
32
+
The easiest way to run the standard CodeQL queries on a repository hosted on the GitHub platform is to enable code scanning with CodeQL (this requires GitHub Actions to be enabled). When you enable default setup, you can choose from a default set of security queries or an extended set of security queries. Any results are shown as code scanning alerts on the **Security** tab of the repository. For more information, see "`Configuring default setup for code scanning <https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning>`__".
33
+
34
+
If you want to run the standard CodeQL queries on a repository that is not hosted on the GitHub platform, or where GitHub Actions are disabled, you can use the CodeQL CLI. For more information, see "`About the CodeQL CLI <https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/about-the-codeql-cli>`__".
0 commit comments