Update CodeQL tool scripts to work with latest version (2.19.4). Old scripts don't work anymore with this version.

Author: davewichers

scripts/runCodeQL.sh

@@ -3,13 +3,13 @@
 # Prerequisites:
 # 1) Install codeql in a tools/ directory that is a peer to the folder containing BenchmarkJava. For example, if you have a git/ folder, which contains BenchmarkJava, BenchmarkUtils, etc., then the tools/ folder would be at the same level as the git/ folder.  i.e., relative to BenchmarkJava, it is at ../../tools/code-ql-home.
 # 2) Then the owasp-benchmark database has to be initialized by running this:
-# ../../tools/codeql-home/codeql/codeql database create owasp-benchmark --language=java
+# ../tools/codeql-home/codeql/codeql database create owasp-benchmark --language=java
 
 # Mac Users: "If you are using macOS on Apple Silicon (for example, Apple M1), ensure that the Xcode command-line developer tools and Rosetta 2 are installed."
 ## For Xcode command line, run: xcode-select -p 1>/dev/null;echo $?   - If this returns 0, its installed, if 2, its not installed.
 ## For Rosetta 2, run: lsbom -f /Library/Apple/System/Library/Receipts/com.apple.pkg.RosettaUpdateAuto.bom - And if it returns a list of files, it's installed.
 
 # This then runs the codeql scan:
 benchmark_version=$(scripts/getBenchmarkVersion.sh)
-../../tools/codeql-home/codeql/codeql database analyze owasp-benchmark java-code-scanning.qls --format=sarifv2.1.0 --output=results/Benchmark_$benchmark_version-codeql_java-code-scanning_qls.sarif
+../tools/codeql-home/codeql/codeql database analyze owasp-benchmark codeql/java-queries --format=sarifv2.1.0 --output=results/Benchmark_$benchmark_version-codeql_java-queries.sarif
 

scripts/runCodeQLFull.sh

@@ -1,3 +1,11 @@
-#a This translates the current app, and builds up the rules databases. This only has to be run once after each code change.
-../../tools/codeql-home/codeql/codeql database create owasp-benchmark --language=java --overwrite
+# First, you have to get the platform binaries from: https://github.com/github/codeql-cli-binaries/releases
+# And then install them in a tools directory, that is a peer to your HOME_FOLDER. HOME_FOLDER should contain BenchmarkJava, BenchmarkUtils, etc.
+# The unzipped codeql-binaries codeql/ folder should be put in tools/codeql-home/
+# NOTE: This tool requires Java 11+
+
+# You have to download the rulepacks now. This does this.
+../tools/codeql-home/codeql/codeql pack download codeql/java-queries
+
+# This translates the current app, and builds up the rules databases. This only has to be run once after each code change.
+../tools/codeql-home/codeql/codeql database create owasp-benchmark --language=java --overwrite --command="mvn clean package"