feat: Update default query suite to "default" and enhance logging for CodeQL commands

GeekMasher · GeekMasher · commit c00922019eb4 · 2025-06-26T12:29:04.000+01:00
diff --git a/src/providers/uiProvider.ts b/src/providers/uiProvider.ts
@@ -183,7 +183,7 @@ export class UiProvider implements vscode.WebviewViewProvider {
       githubOwner: config.get<string>("github.owner", ""),
       githubRepo: config.get<string>("github.repo", ""),
       githubLanguages: config.get<string[]>("github.languages", []),
-      suites: config.get<string[]>("suites", ["code-scanning"]),
+      suites: config.get<string[]>("suites", ["default"]),
       languages: languages,
       codeqlPath: config.get<string>("codeqlPath", "codeql"),
       threatModel: threatModel,
@@ -1911,8 +1911,8 @@ export class UiProvider implements vscode.WebviewViewProvider {
             <label for="suites">Query Suite:</label>
             <div id="suitesContainer">
                 <div class="suite-radio">
-                    <input type="radio" id="suite-code-scanning" name="suite" value="code-scanning">
-                    <label for="suite-code-scanning">
+                    <input type="radio" id="suite-default" name="suite" value="default">
+                    <label for="suite-default">
                         <span class="suite-name">Default</span>
                         <span class="suite-description">Basic code scanning queries for CI/CD</span>
                     </label>
@@ -2010,16 +2010,16 @@ export class UiProvider implements vscode.WebviewViewProvider {
 
         function getSelectedSuite() {
             const selectedRadio = document.querySelector('input[name="suite"]:checked');
-            return selectedRadio ? selectedRadio.value : 'code-scanning';
+            return selectedRadio ? selectedRadio.value : 'default';
         }
 
         function setSelectedSuite(suite) {
             const radioButton = document.querySelector('input[name="suite"][value="' + suite + '"]');
             if (radioButton) {
                 radioButton.checked = true;
             } else {
-                // Default to code-scanning if suite not found
-                const defaultRadio = document.querySelector('input[name="suite"][value="code-scanning"]');
+                // Default to default if suite not found
+                const defaultRadio = document.querySelector('input[name="suite"][value="default"]');
                 if (defaultRadio) defaultRadio.checked = true;
             }
 
@@ -2371,8 +2371,8 @@ export class UiProvider implements vscode.WebviewViewProvider {
                     const config = message.config;
                     console.log('Configuration loaded:', config);
                     
-                    // Set selected suite (take first suite if multiple, default to code-scanning)
-                    const selectedSuite = config.suites && config.suites.length > 0 ? config.suites[0] : 'code-scanning';
+                    // Set selected suite (take first suite if multiple, default to default)
+                    const selectedSuite = config.suites && config.suites.length > 0 ? config.suites[0] : 'default';
                     setSelectedSuite(selectedSuite);
                     
                     // Set selected threat model (default to Remote)
@@ -2568,7 +2568,7 @@ export class UiProvider implements vscode.WebviewViewProvider {
         setTimeout(() => {
             // Ensure a suite is always selected
             if (!document.querySelector('input[name="suite"]:checked')) {
-                const defaultSuite = document.querySelector('input[name="suite"][value="code-scanning"]');
+                const defaultSuite = document.querySelector('input[name="suite"][value="default"]');
                 if (defaultSuite) defaultSuite.checked = true;
             }
             
diff --git a/src/services/codeqlService.ts b/src/services/codeqlService.ts
@@ -836,14 +836,11 @@ export class CodeQLService {
     var command = `${codeqlPath} database create --overwrite --language ${language} -s "${source}"`;
     // Add BMN
     if (language === "cpp" || language === "csharp" || language === "java") {
-        command += ` --build-mode=none`;
+      command += ` --build-mode=none`;
     }
-    command += ` "${databasePath}"`
+    command += ` "${databasePath}"`;
 
-    this.logger.info(
-      "CodeQLService",
-      `CodeQL Create Command: ${command}`
-    )
+    this.logger.info("CodeQLService", `CodeQL Create Command: ${command}`);
 
     try {
       progress.report({ message: `Creating ${language} database...` });
@@ -877,7 +874,7 @@ export class CodeQLService {
   ): Promise<any> {
     const config = vscode.workspace.getConfiguration("codeql-scanner");
     const codeqlPath = config.get<string>("codeqlPath", "codeql");
-    const suite = config.get<string>("suite", "code-scanning");
+    const suites = config.get<Array<string>>("suites", ["default"]);
     const threatModel = config
       .get<string>("threatModel", "Remote")
       .toLowerCase();
@@ -889,7 +886,20 @@ export class CodeQLService {
     );
 
     // Build the query suite argument
-    var queries = `codeql/${language}-queries`;
+    // var queries = `codeql/${language}-queries`;
+    var queries = this.findQueryPack(language);
+    this.logger.info(
+      "CodeQLService",
+      `Using query pack: ${queries} for language: ${language}`
+    );
+    if (!queries) {
+      throw new Error(
+        `No query pack found for language: ${language}. Please ensure the pack is installed.`
+      );
+    }
+
+    const suite = suites[0];
+    this.logger.info("CodeQLService", `Using suite: ${suite} for analysis`);
     if (
       suite === "code-scanning" ||
       suite === "security-extended" ||
@@ -904,6 +914,8 @@ export class CodeQLService {
     }
     command += ` "${databasePath}" "${queries}"`;
 
+    this.logger.info("CodeQLService", `CodeQL Analyze Command: ${command}`);
+
     try {
       progress.report({ message: "Running CodeQL analysis..." });
 
@@ -924,6 +936,35 @@ export class CodeQLService {
     }
   }
 
+  private findQueryPack(language: string): string | undefined {
+    const codeqlDir = this.getCodeQLDirectory();
+    const queryPackPath = path.join(codeqlDir, "packages");
+
+    // List all directories in the packages folder
+    if (!fs.existsSync(queryPackPath)) {
+      this.logger.warn(
+        "CodeQLService",
+        `Query pack directory does not exist: ${queryPackPath}`
+      );
+      return undefined;
+    }
+
+    const orgDirs = fs.readdirSync(queryPackPath, { withFileTypes: true });
+    for (const orgDir of orgDirs) {
+      const orgPath = path.join(queryPackPath, orgDir.name);
+      // codeql
+      if (!orgDir.isDirectory()) {
+        continue;
+      }
+
+      for (const packDir of fs.readdirSync(orgPath, { withFileTypes: true })) {
+        if (packDir.isDirectory() && packDir.name === `${language}-queries`) {
+          return `${orgDir.name}/${packDir.name}`;
+        }
+      }
+    }
+  }
+
   private parseSARIFResults(
     sarif: any,
     workspaceFolder: string,
