From 5f1e62aefe2f5f06f64f4def058e4b4ad856b877 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 3 Sep 2024 11:16:57 +0100 Subject: [PATCH 1/9] Update landing page to focus on language --- docs/codeql/index.html | 182 +++++++++++++++++++---------------------- 1 file changed, 86 insertions(+), 96 deletions(-) diff --git a/docs/codeql/index.html b/docs/codeql/index.html index 0d3ff357b4b5..fff024c8d84e 100644 --- a/docs/codeql/index.html +++ b/docs/codeql/index.html @@ -35,13 +35,6 @@ @@ -70,32 +68,30 @@

CodeQL documentation

-

Discover vulnerabilities across a codebase with CodeQL, our industry-leading semantic code - analysis - engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a +

CodeQL enables you to query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same.

-

- BACKGROUND INFORMATION -

+

+ CODEQL RELEASE INFORMATION +

-
- -
About CodeQL
-
-
Learn more about how CodeQL works...
-
Supported languages and frameworks
View the languages, libraries, and frameworks supported in the - latest version of CodeQL...
+ latest release of CodeQL...
+
+
+ +
Change logs
+
+
Read about the improvements to the queries, libraries, and tooling in each release...
- -
Academic publications
+
+
CodeQL cverage of CWEs
-
Read academic articles published by the team behind CodeQL... -
+
Detailed information on the coverage of Common Weakness Enumerations (CWEs) in the latest release...
-
-

- CODEQL TOOLS -

+

+ LEARN TO WRITE CODEQL +

-
-
- -
CodeQL CLI
-
-
The CodeQL command-line interface (CLI) is used - to create - databases for security research....
-
-
- -
CodeQL for Visual Studio Code
-
-
CodeQL for Visual Studio Code adds rich language - support for CodeQL...
-
-
- -
Code scanning with CodeQL
-
-
Use code scanning with CodeQL to analyze the code in a GitHub - repository to find - security - vulnerabilities...
-
- +
+ +
About CodeQL
+
+
Learn what CodeQL is and how it works...
+
+
+ +
Writing CodeQL queries
+
+
Get to know more about queries and learn some key + query-writing skills by solving puzzles...
+
+
+ +
CodeQL language guides
+
+
Experiment and learn how to write effective and efficient + queries for CodeQL databases generated from the languages supported in CodeQL + analysis...
+
+
+ +
Running CodeQL queries
+
+
Learn about the options available for running CodeQL queries on one or multiple codebases...
- - - - -
-
-

- CODEQL GUIDES -

+

+ CODEQL RESOURCES +

-
-
- -
Writing CodeQL queries
-
-
Get to know more about queries and learn some key - query-writing skills by solving puzzles.....
-
-
- -
CodeQL language guides
-
-
Experiment and learn how to write effective and efficient - queries for CodeQL databases generated from the languages supported in CodeQL - analysis...
+
+ +
CodeQL CLI releases
+
+
Download the latest version of the CodeQL CLI...
+
+
+ +
CodeQL extension for Visual Studio Code
+
+
Download the extension from the Visual Studio Code Marketplace...
+
+
+ +
CodeQL repository
+
+
Contribute to the source code of the libraries and queries for CodeQL...
-

+

CODEQL REFERENCE DOCS -

+
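Review bot: Typo in the added card title in the CODEQL RELEASE INFORMATION group: "CodeQL cverage of CWEs" should read "CodeQL coverage of CWEs". Separately, the "Running CodeQL queries" card is added to the landing page in this commit, while the article of that name is only created in PATCH 2/9; if the card links to that article, it has no target at this point in the series, so consider adding the card in 2/9 or ordering the article first.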
@@ -213,10 +202,8 @@

View the query help for the queries included in the code scanning query suites...

-
-
-

Product

+

Product

-

Platform

+

Platform

-

Support

+

Support

-

Company

+

Company

From f44905324eb43bd1e632ad42ff4ed260e63ef7b0 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 3 Sep 2024 12:55:56 +0100 Subject: [PATCH 2/9] Add article on running queries --- docs/codeql/codeql-overview/codeql-tools.rst | 19 +++++------ docs/codeql/writing-codeql-queries/index.rst | 3 ++ .../running-codeql-queries.rst | 34 +++++++++++++++++++ 3 files changed, 46 insertions(+), 10 deletions(-) create mode 100644 docs/codeql/writing-codeql-queries/running-codeql-queries.rst diff --git a/docs/codeql/codeql-overview/codeql-tools.rst b/docs/codeql/codeql-overview/codeql-tools.rst index d58730e47024..f3d37880ab65 100644 --- a/docs/codeql/codeql-overview/codeql-tools.rst +++ b/docs/codeql/codeql-overview/codeql-tools.rst @@ -5,17 +5,16 @@ CodeQL tools ============ -GitHub provides the CodeQL command-line interface and CodeQL for Visual Studio -Code for performing CodeQL analysis on open source codebases. +GitHub provides the CodeQL command-line interface and CodeQL for Visual Studio Code for performing CodeQL analysis on open source codebases. For information on the use cases for each tool, see ":ref:`Running CodeQL queries `." CodeQL command-line interface ----------------------------- -The CodeQL command-line interface (CLI) is primarily used to create databases for -security research. You can also query CodeQL databases directly from the command line +The CodeQL command-line interface (CLI) is primarily used to create databases for +security research. You can also query CodeQL databases directly from the command line or using the Visual Studio Code extension. -The CodeQL CLI can be downloaded from `GitHub releases `__. -For more information, see "`CodeQL CLI `__" and the `CLI changelog `__. +The CodeQL CLI can be downloaded from "`GitHub releases `__." +For more information, see "`CodeQL CLI `__" and the ":ref:`Change log `." CodeQL packs ----------------------------- 
@@ -38,15 +37,15 @@ maintained by GitHub are: - ``codeql/python-all`` (`changelog `__, `source `__) - ``codeql/ruby-queries`` (`changelog `__, `source `__) - ``codeql/ruby-all`` (`changelog `__, `source `__) +- ``codeql/swift-queries`` (`changelog `__, `source `__) +- ``codeql/swift-all`` (`changelog `__, `source `__) For more information, see "`About CodeQL packs `__." CodeQL bundle ----------------------------- -The CodeQL bundle consists of the CodeQL CLI together with the standard CodeQL query and library packs -maintained by GitHub. The bundle can be downloaded from `GitHub releases `__. -Use this when running `code scanning with CodeQL `__ on GitHub Actions or in another CI system. +The CodeQL bundle consists of the CodeQL CLI together with the standard CodeQL query and library packs maintained by GitHub. The bundle is used by the CodeQL action in GitHub to generate code scanning results. If you use an external CI system, you can download the bundle from `GitHub releases `__, generate code scanning results, and upload them to GitHub. CodeQL for Visual Studio Code ----------------------------- @@ -54,4 +53,4 @@ CodeQL for Visual Studio Code You can analyze CodeQL databases in Visual Studio Code using the CodeQL extension, which provides an enhanced environment for writing and running custom queries and viewing the results. For more information, see "`CodeQL -for Visual Studio Code `__." \ No newline at end of file +for Visual Studio Code `__." diff --git a/docs/codeql/writing-codeql-queries/index.rst b/docs/codeql/writing-codeql-queries/index.rst index 0459156a49ba..1c4920830347 100644 --- a/docs/codeql/writing-codeql-queries/index.rst +++ b/docs/codeql/writing-codeql-queries/index.rst 
@@ -9,8 +9,11 @@ Get to know more about queries and learn some key query-writing skills by solvin - :ref:`QL tutorials `: Solve puzzles to learn the basics of QL before you analyze code with CodeQL. The tutorials teach you how to write queries and introduce you to key logic concepts along the way. +- :ref:`Running CodeQL queries `: Guide to running queries as you try out the tutorials and start to develop your own queries. + .. toctree:: :hidden: codeql-queries ql-tutorials + running-codeql-queries diff --git a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst new file mode 100644 index 000000000000..4d4a255a2cc2 --- /dev/null +++ b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst 
@@ -0,0 +1,34 @@ +:tocdepth: 1 + +.. _running-codeql-queries: + +Running CodeQL queries +====================== + +There are several options available for running one or more CodeQL queries on a codebase. The best option depends on what your aims are. + +Work through a CodeQL tutorial +------------------------------ + +If you're working through a CodeQL tutorial, the CodeQL extension for Visual Studio Code makes it easy to run the queries in the tutorial. Unless you want to run the query on a specific code base, it's easiest to run queries on one of the many CodeQL databases that are available on GitHub. To get started, see "`Installing CodeQL for Visual Studio Code `__". + +Develop a new CodeQL query +-------------------------- + +If you're developing a new query, the CodeQL extension for Visual Studio Code makes it easy to run a query and compare the results with previous runs as you refine the query. The extension also provides autocomplete suggestions, syntax highlighting, and other features that make it easier to write and debug queries. To get started, see "`Installing CodeQL for Visual Studio Code `__". + +When you're ready to test the query on a wide range of codebases, you can choose from the pre-defined sets of CodeQL databases or define a custom group of codebases to run the query against. For more information, see "`Running CodeQL queries at scale with multi-repository variant analysis `__". + +Run your query against a specific codebase +------------------------------------------- + +If the codebase that you want to run your query against doesn't have a CodeQL database, you can create one using the CodeQL CLI. For more information, see "`Setting up the CodeQL CLI `__" and "`Preparing your code for CodeQL analysis `__". + +Once you have created a CodeQL database, you can make the database available to the CodeQL extension in Visual Studio Code, or run the query using the CodeQL CLI. 
For more information, see "`Analyzing your code with CodeQL queries `__". + +Run the standard CodeQL queries +------------------------------- + +The easiest way to run the standard CodeQL queries on a repository hosted on the GitHub platform is to enable code scanning with CodeQL (this requires GitHub Actions to be enabled). When you enable default setup, you can choose from a default set of security queries or an extended set of security queries. Any results are shown as code scanning alerts on the **Security** tab of the repository. For more information, see "`Configuring default setup for code scanning `__". + +If you want to run the standard CodeQL queries on a repository that is not hosted on the GitHub platform, or where GitHub Actions are disabled, you can use the CodeQL CLI. For more information, see "`About the CodeQL CLI `__". From 44ca530087fcf83eff13cbc8c7afedce666584d6 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 3 Sep 2024 12:59:29 +0100 Subject: [PATCH 3/9] Update template to match changes to landing page --- docs/codeql/_templates/layout.html | 33 ++++++++++++++---------------- 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/docs/codeql/_templates/layout.html b/docs/codeql/_templates/layout.html index df9c9a51f267..779c99cfe9f5 100644 --- a/docs/codeql/_templates/layout.html +++ b/docs/codeql/_templates/layout.html @@ -1,7 +1,7 @@ {# Override alabaster/layout.html template to customize the template used to generate the CodeQL documentation. - + The classes used in this template are provided by the GitHub Primer https://primer.style/css/. The CSS for the primer can be found at https://unpkg.com/@primer/css/dist/primer.css @@ -59,37 +59,34 @@ CodeQL resources - @@ -165,12 +162,12 @@
    -
  • © +
  • © GitHub, Inc.
  • Terms
  • -
  • Privacy
From 68cbe35d960125ebabafa3b456969656a3d5a528 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 3 Sep 2024 13:08:07 +0100 Subject: [PATCH 4/9] Fix a bad link --- docs/codeql/writing-codeql-queries/running-codeql-queries.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst index 4d4a255a2cc2..0fc967c184c0 100644 --- a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst +++ b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst @@ -31,4 +31,4 @@ Run the standard CodeQL queries The easiest way to run the standard CodeQL queries on a repository hosted on the GitHub platform is to enable code scanning with CodeQL (this requires GitHub Actions to be enabled). When you enable default setup, you can choose from a default set of security queries or an extended set of security queries. Any results are shown as code scanning alerts on the **Security** tab of the repository. For more information, see "`Configuring default setup for code scanning `__". -If you want to run the standard CodeQL queries on a repository that is not hosted on the GitHub platform, or where GitHub Actions are disabled, you can use the CodeQL CLI. For more information, see "`About the CodeQL CLI `__". +If you want to run the standard CodeQL queries on a repository where GitHub Actions are disabled, you can use the CodeQL CLI in your existing CI system. For more information, see "`Using code scanning with your existing CI system `__". From e58bb88ee82958160a49e0f3f190b2de5cd5e882 Mon Sep 17 00:00:00 2001 
From: Felicity Chapman Date: Wed, 4 Sep 2024 15:17:35 +0100 Subject: [PATCH 5/9] Make more security researcher focused --- .../codeql-language-guides/codeql-for-cpp.rst | 4 ++ .../codeql-language-guides/codeql-for-go.rst | 4 +- .../codeql-for-java.rst | 4 +- .../codeql-for-javascript.rst | 2 + docs/codeql/codeql-overview/about-codeql.rst | 45 ++++++++++++------- 5 files changed, 41 insertions(+), 18 deletions(-) diff --git a/docs/codeql/codeql-language-guides/codeql-for-cpp.rst b/docs/codeql/codeql-language-guides/codeql-for-cpp.rst index 40d7fba1993f..00727647545e 100644 --- a/docs/codeql/codeql-language-guides/codeql-for-cpp.rst +++ b/docs/codeql/codeql-language-guides/codeql-for-cpp.rst @@ -28,6 +28,10 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat - :doc:`CodeQL library for C and C++ `: When analyzing C or C++ code, you can use the large collection of classes in the CodeQL library for C and C++. +- `CodeQL CTF: U-Boot Challenge `__: Follow the steps that members of GitHub Security Lab went through to find 13 CWE vulnerabilities in U-Boot. + +- `CodeQL CTF: SEGV Hunt `__: Follow the steps that members of GitHub Security Lab went through to find unsafe uses of ``alloca`` in the GNU C Library (glibc). + - :doc:`Functions in C and C++ `: You can use CodeQL to explore functions in C and C++ code. - :doc:`Expressions, types, and statements in C and C++ `: You can use CodeQL to explore expressions, types, and statements in C and C++ code to find, for example, incorrect assignments. diff --git a/docs/codeql/codeql-language-guides/codeql-for-go.rst b/docs/codeql/codeql-language-guides/codeql-for-go.rst index 0eaefbb59226..360ff6bb82f2 100644 --- a/docs/codeql/codeql-language-guides/codeql-for-go.rst +++ b/docs/codeql/codeql-language-guides/codeql-for-go.rst 
@@ -17,7 +17,9 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat - :doc:`CodeQL library for Go `: When you're analyzing a Go program, you can make use of the large collection of classes in the CodeQL library for Go. +- `CodeQL CTF: Go and don't return `__: Follow the steps that members of GitHub Security Lab went through to find a high severity vulnerability in MinIO, an Amazon S3-compatible object store. + - :doc:`Abstract syntax tree classes for working with Go programs `: CodeQL has a large selection of classes for representing the abstract syntax tree of Go programs. -- :doc:`Modeling data flow in Go libraries `: When analyzing a Go program, CodeQL does not examine the source code for external packages. +- :doc:`Modeling data flow in Go libraries `: When analyzing a Go program, CodeQL does not examine the source code for external packages. To track the flow of untrusted data through a library, you can create a model of the library. diff --git a/docs/codeql/codeql-language-guides/codeql-for-java.rst b/docs/codeql/codeql-language-guides/codeql-for-java.rst index f2bf306519b8..4efcc4d6789b 100644 --- a/docs/codeql/codeql-language-guides/codeql-for-java.rst +++ b/docs/codeql/codeql-language-guides/codeql-for-java.rst 
@@ -28,7 +28,9 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat - :doc:`CodeQL library for Java and Kotlin `: When analyzing Java/Kotlin code, you can use the large collection of classes in the CodeQL library for Java/Kotlin. -- :doc:`Analyzing data flow in Java and Kotlin `: You can use CodeQL to track the flow of data through a Java/Kotlin program to its use. +- :doc:`Analyzing data flow in Java and Kotlin `: You can use CodeQL to track the flow of data through a Java/Kotlin program to its use. + +- `CodeQL CTF: CodeQL and Chill `__: Follow the steps that members of GitHub Security Lab went through to track the flow of tainted data from user-controlled bean properties to custom error messages, and identify the known injection vulnerabilities. - :doc:`Java and Kotlin types `: You can use CodeQL to find out information about data types used in Java/Kotlin code. This allows you to write queries to identify specific type-related issues. diff --git a/docs/codeql/codeql-language-guides/codeql-for-javascript.rst b/docs/codeql/codeql-language-guides/codeql-for-javascript.rst index 9c4073bce1bc..35df0b91752b 100644 --- a/docs/codeql/codeql-language-guides/codeql-for-javascript.rst +++ b/docs/codeql/codeql-language-guides/codeql-for-javascript.rst 
@@ -25,6 +25,8 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat - :doc:`CodeQL library for TypeScript `: When you're analyzing a TypeScript program, you can make use of the large collection of classes in the CodeQL library for TypeScript. +- `CodeQL CTF: XSS-unsafe jQuery plugins `__: Follow the steps that members of GitHub Security Lab went through to find cross-site scripting vulnerabilities in Bootstrap's jQuery plugins. + - :doc:`Analyzing data flow in JavaScript and TypeScript `: This topic describes how data flow analysis is implemented in the CodeQL libraries for JavaScript/TypeScript and includes examples to help you write your own data flow queries. - :doc:`Using flow labels for precise data flow analysis `: You can associate flow labels with each value tracked by the flow analysis to determine whether the flow contains potential vulnerabilities. diff --git a/docs/codeql/codeql-overview/about-codeql.rst b/docs/codeql/codeql-overview/about-codeql.rst index eccc81c8754a..94b90fc7635b 100644 --- a/docs/codeql/codeql-overview/about-codeql.rst +++ b/docs/codeql/codeql-overview/about-codeql.rst 
@@ -5,15 +5,26 @@ About CodeQL ============ -CodeQL is the analysis engine used by developers to automate security checks, and by -security researchers to perform variant analysis. +CodeQL is a language and toolchain for code analysis. It is designed to allow security researchers to scale their knowledge of a single vulnerability to identify variants of that vulnerability across a wide range of codebases. It is also designed to allow developers to automate security checks and integrate them into their development workflows. -In CodeQL, code is treated like data. Security vulnerabilities, bugs, -and other errors are modeled as queries that can be executed against databases -extracted from code. You can run the standard CodeQL queries, written by GitHub -researchers and community contributors, or write your own to use in custom -analyses. Queries that find potential bugs highlight the result directly in the -source file. +Resources for learning CodeQL +----------------------------- + +- **CodeQL docs site:** contains information on the CodeQL language and libraries, with tutorials and guides to help you learn how to write your own queries. + + - :doc:`CodeQL queries <../writing-codeql-queries/codeql-queries>`: A general, language-neutral overview of the key components of a query. + + - :doc:`QL tutorials <../writing-codeql-queries/ql-tutorials>`: Solve puzzles to learn the basics of QL before you analyze code with CodeQL. The tutorials teach you how to write queries and introduce you to key logic concepts along the way. + + - :doc:`CodeQL language guides <../codeql-language-guides/index>`: Guides to the CodeQL libraries for each language, including the classes and predicates that are available for use in queries, with worked examples. + +- **GitHub Security Lab:** is GitHub's own security research team. They've created a range of resources to help you learn how to use CodeQL to find security vulnerabilities in real-world codebases. 
+ + - `Secure code game `__: A series of interactive sessions that guide you from finding insecure code patterns manually, through to using CodeQL to find insecure code patterns automatically. + + - `Security Lab CTF `__: A series of Capture the Flag (CTF) challenges that are designed to help you learn how to use CodeQL to find security vulnerabilities in real-world codebases. + + - `Security Lab blog `__: A series of blog posts that describe how CodeQL is used by security researchers to find security vulnerabilities in real-world codebases. About variant analysis ---------------------- @@ -39,11 +50,13 @@ CodeQL analysis consists of three steps: #. Running CodeQL queries against the database #. Interpreting the query results +For information on the CodeQL toolchain and on running CodeQL to analyze a codebase, see the `CodeQL CLI `__, `CodeQL for Visual Studio Code `__, and `About code scanning with CodeQL `__ in GitHub docs. + Database creation ~~~~~~~~~~~~~~~~~ To create a database, CodeQL first extracts a single relational representation -of each source file in the codebase. +of each source file in the codebase. For compiled languages, extraction works by monitoring the normal build process. Each time a compiler is invoked to process a source file, a copy of that file is @@ -52,7 +65,7 @@ syntactic data about the abstract syntax tree and semantic data about name binding and type information. For interpreted languages, the extractor runs directly on the source code, -resolving dependencies to give an accurate representation of the codebase. +resolving dependencies to give an accurate representation of the codebase. There is one :ref:`extractor ` for each language supported by CodeQL to ensure that the extraction process is as accurate as possible. For 
@@ -72,7 +85,7 @@ against it. CodeQL queries are written in a specially-designed object-oriented query language called QL. You can run the queries checked out from the CodeQL repo (or custom queries that you've written yourself) using the `CodeQL for VS Code extension `__ or the `CodeQL CLI -`__. For more information about queries, see ":ref:`About CodeQL queries `." +`__. For more information about queries, see ":ref:`About CodeQL queries `." .. _interpret-query-results: @@ -95,7 +108,7 @@ code. Following interpretation, results are output for code review and triaging. In CodeQL for Visual Studio Code, interpreted query results are automatically displayed in the source code. Results generated by the CodeQL CLI can be output -into a number of different formats for use with different tools. +into a number of different formats for use with different tools. About CodeQL databases @@ -104,7 +117,7 @@ About CodeQL databases CodeQL databases contain queryable data extracted from a codebase, for a single language at a particular point in time. The database contains a full, hierarchical representation of the code, including a representation of the -abstract syntax tree, the data flow graph, and the control flow graph. +abstract syntax tree, the data flow graph, and the control flow graph. Each language has its own unique database schema that defines the relations used to create a database. The schema provides an interface between the initial 
@@ -114,13 +127,13 @@ every language construct. For each language, the CodeQL libraries define classes to provide a layer of abstraction over the database tables. This provides an object-oriented view of -the data which makes it easier to write queries. +the data which makes it easier to write queries. For example, in a CodeQL database for a Java program, two key tables are: - The ``expressions`` table containing a row for every single expression in the - source code that was analyzed during the build process. -- The ``statements`` table containing a row for every single statement in the + source code that was analyzed during the build process. +- The ``statements`` table containing a row for every single statement in the source code that was analyzed during the build process. The CodeQL library defines classes to provide a layer of abstraction over each From 4cdef853d22d66171d30e13f7e72fcca3859107f Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Wed, 4 Sep 2024 15:42:18 +0100 Subject: [PATCH 6/9] Add metadata to two key topics to help with SEO --- docs/codeql/codeql-overview/about-codeql.rst | 4 ++++ docs/codeql/writing-codeql-queries/running-codeql-queries.rst | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/docs/codeql/codeql-overview/about-codeql.rst b/docs/codeql/codeql-overview/about-codeql.rst index 94b90fc7635b..aa2d4a8ac69f 100644 --- a/docs/codeql/codeql-overview/about-codeql.rst +++ b/docs/codeql/codeql-overview/about-codeql.rst @@ -2,6 +2,10 @@ .. _about-codeql: +.. meta:: + :description: Introduction to CodeQL, a language and toolchain for code analysis. + :keywords: CodeQL, code analysis, CodeQL analysis, security vulnerabilities, variant analysis, resources, tutorials, interactive training, GitHub Security Lab, security researchers, CodeQL databases + About CodeQL ============ 
diff --git a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst index 0fc967c184c0..8b2ec83fa3b5 100644 --- a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst +++ b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst @@ -2,6 +2,10 @@ .. _running-codeql-queries: +.. meta:: + :description: Overview of how to run CodeQL queries locally, in GitHub, or in your CI system. + :keywords: CodeQL, code analysis, CodeQL analysis, code scanning, GitHub code scanning, writing a new query, testing a new query, code scanning alerts + Running CodeQL queries ====================== From 529bee4d73922adf389cc8c180300e3e5a766369 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Wed, 4 Sep 2024 15:57:01 +0100 Subject: [PATCH 7/9] Add link to MRVA --- docs/codeql/codeql-overview/about-codeql.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/codeql/codeql-overview/about-codeql.rst b/docs/codeql/codeql-overview/about-codeql.rst index aa2d4a8ac69f..93a18ab6fabf 100644 --- a/docs/codeql/codeql-overview/about-codeql.rst +++ b/docs/codeql/codeql-overview/about-codeql.rst @@ -45,6 +45,8 @@ queries. Then, develop or iterate over the query to automatically find logical variants of the same bug that could be missed using traditional manual techniques. +When you have a query that finds variants of a vulnerability, you can use multi-repository variant analysis to run that query across a large number of codebases, and identify all of the places where that vulnerability exists. For more information, see `Running CodeQL queries at scale with multi-repository variant analysis `__ in the GitHub docs. + CodeQL analysis --------------- From 967367bba6073654fad121e039f7e98937ba7d1e Mon Sep 17 00:00:00 2001 
From: Felicity Chapman Date: Fri, 6 Sep 2024 12:30:18 +0100 Subject: [PATCH 8/9] Apply suggestions from code review Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com> --- docs/codeql/writing-codeql-queries/running-codeql-queries.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst index 0fc967c184c0..2342c4781382 100644 --- a/docs/codeql/writing-codeql-queries/running-codeql-queries.rst +++ b/docs/codeql/writing-codeql-queries/running-codeql-queries.rst 
@@ -10,12 +10,12 @@ There are several options available for running one or more CodeQL queries on a Work through a CodeQL tutorial ------------------------------ -If you're working through a CodeQL tutorial, the CodeQL extension for Visual Studio Code makes it easy to run the queries in the tutorial. Unless you want to run the query on a specific code base, it's easiest to run queries on one of the many CodeQL databases that are available on GitHub. To get started, see "`Installing CodeQL for Visual Studio Code `__". +If you're working through a CodeQL tutorial, the CodeQL extension for Visual Studio Code allows you to run the queries in the tutorial. Unless you want to run the query on a specific code base, it's easiest to run queries on one of the many CodeQL databases that are available on GitHub. To get started, see "`Installing CodeQL for Visual Studio Code `__". Develop a new CodeQL query -------------------------- -If you're developing a new query, the CodeQL extension for Visual Studio Code makes it easy to run a query and compare the results with previous runs as you refine the query. The extension also provides autocomplete suggestions, syntax highlighting, and other features that make it easier to write and debug queries. To get started, see "`Installing CodeQL for Visual Studio Code `__". +If you're developing a new query, the CodeQL extension for Visual Studio Code allows you to run a query and compare the results with previous runs as you refine the query. The extension also provides autocomplete suggestions, syntax highlighting, and other features that make it easier to write and debug queries. To get started, see "`Installing CodeQL for Visual Studio Code `__". When you're ready to test the query on a wide range of codebases, you can choose from the pre-defined sets of CodeQL databases or define a custom group of codebases to run the query against. 
For more information, see "`Running CodeQL queries at scale with multi-repository variant analysis `__". From 7d49624e1cb2652843dde8480a0851b157c6765b Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Tue, 17 Sep 2024 11:09:48 +0100 Subject: [PATCH 9/9] Update docs/codeql/codeql-overview/about-codeql.rst Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com> --- docs/codeql/codeql-overview/about-codeql.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/codeql/codeql-overview/about-codeql.rst b/docs/codeql/codeql-overview/about-codeql.rst index 93a18ab6fabf..7e93eeb87317 100644 --- a/docs/codeql/codeql-overview/about-codeql.rst +++ b/docs/codeql/codeql-overview/about-codeql.rst @@ -56,7 +56,7 @@ CodeQL analysis consists of three steps: #. Running CodeQL queries against the database #. Interpreting the query results -For information on the CodeQL toolchain and on running CodeQL to analyze a codebase, see the `CodeQL CLI `__, `CodeQL for Visual Studio Code `__, and `About code scanning with CodeQL `__ in GitHub docs. +For information on the CodeQL toolchain and on running CodeQL to analyze a codebase, see the `CodeQL CLI `__, `CodeQL for Visual Studio Code `__, and `About code scanning with CodeQL `__ in the GitHub docs. Database creation ~~~~~~~~~~~~~~~~~
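Review bot: PATCH 2/9, codeql-tools.rst, "CodeQL command-line interface" section: the download link is now wrapped in quotation marks ("`GitHub releases `__."), but the rewritten "CodeQL bundle" paragraph in the same file links to `GitHub releases `__ without them. Use one convention for both; quoting reads naturally for article titles such as "CodeQL CLI", less so for a download location. The two re-added lines beginning "The CodeQL command-line interface (CLI) is primarily used" show the same text as the lines they replace, so that part looks like a whitespace-only edit and is better kept out of a content change.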
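Review bot: PATCH 2/9, new file running-codeql-queries.rst: the first section writes "a specific code base" while the rest of the article, including the heading "Run your query against a specific codebase", uses "codebase"; use the one-word form throughout. Every cross-reference in this file closes with the full stop outside the quotation marks (`__".), whereas codeql-tools.rst in the same patch puts it inside (`__."); align the two files.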
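Review bot: PATCH 4/9: the subject says "Fix a bad link", but the replaced sentence also narrows the guidance. The case of "a repository that is not hosted on the GitHub platform" is dropped and the CLI is now described only for repositories "where GitHub Actions are disabled". If that is intentional, say so in the commit message; otherwise keep a sentence for readers whose code is hosted elsewhere, since the preceding paragraph of the section covers only repositories hosted on GitHub.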
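Review bot: PATCH 5/9, codeql-for-cpp.rst: "find 13 CWE vulnerabilities in U-Boot" mixes two things. CWE identifies a class of weakness rather than an individual finding, so either give the count as plain "13 vulnerabilities" or name the identifier scheme actually assigned to them. The CTF entries added across the four language guides also sit at different positions in each list (directly after the library overview in C/C++, Go and JavaScript, after the data flow topic in Java); a consistent position would make them easier to find.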
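Review bot: PATCH 5/9, about-codeql.rst, new "Resources for learning CodeQL" section: the two top-level bullets use a bold label ending in a colon followed directly by a verb ("**CodeQL docs site:** contains", "**GitHub Security Lab:** is GitHub's own"), which does not read as a sentence; drop the colon or rephrase as label plus description. The phrase "to find security vulnerabilities in real-world codebases" appears in the Security Lab bullet and again in its CTF and blog sub-bullets and could be trimmed. The hunk also deletes the paragraph explaining that code is treated like data and that vulnerabilities are modeled as queries run against extracted databases, while the landing page card for this article promises "Learn what CodeQL is and how it works"; consider keeping a shortened version of that paragraph.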
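Review bot: PATCH 5/9, about-codeql.rst from "Database creation" onward, and the "Modeling data flow in Go libraries" line in codeql-for-go.rst: the removed and added lines show identical text (for example "of each source file in the codebase."), so these appear to be whitespace-only edits. They account for most of the later hunks in about-codeql.rst and obscure the one real addition there (the "For information on the CodeQL toolchain" paragraph). Move the whitespace cleanup to its own commit or drop it from this one.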
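Review bot: PATCH 8/9: the index line for running-codeql-queries.rst starts from blob 0fc967c184c0 and the hunk sits at line 10, which is the file as it was before PATCH 6/9 inserted the four-line ".. meta::" block (6/9 takes the same file from 0fc967c184c0 to 8b2ec83fa3b5 with a hunk at line 2). Applied in order, this hunk can only land with an offset. Regenerate it on top of 6/9 so the series applies cleanly and the index lines chain from one patch to the next.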