You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/writing-codeql-queries/introduction-to-ql.rst
+67-15Lines changed: 67 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,17 +17,20 @@ QL also supports recursion and aggregates. This allows you to write complex recu
17
17
Running a query
18
18
---------------
19
19
20
-
You can try out the following examples and exercises using :ref:`CodeQL for VS Code <codeql-for-visual-studio-code>`, or you can run them in the `query console on LGTM.com <https://lgtm.com/query>`__. Before you can run a query on LGTM.com, you need to select a language and project to query (for these logic examples, any language and project will do).
20
+
You can try out the following examples and exercises using :ref:`CodeQL for VS Code <codeql-for-visual-studio-code>`, or you can run them in GitHub Codespaces using the `CodeQL template <https://github.com/codespaces/new?template_repository=github/codeql-codespaces-template>`__. To access the template, click on the link then click **Use this template**. This will open a GitHub Codespaces environment that is preconfigured to run CodeQL queries.
21
21
22
-
Once you have selected a language, the query console is populated with the query:
22
+
Once you open the GitHub Codespaces template, follow the instructions in the ReadMe to take a code tour and learn how to run queries in the workspace.
23
+
24
+
The first query in the `tutorial.ql` file is populated with the query:
23
25
24
26
.. code-block:: ql
25
27
26
-
import <language>
28
+
import tutorial
27
29
28
-
select "hello world"
30
+
from Person p
31
+
select p
29
32
30
-
This query returns the string ``"hello world"``.
33
+
This query returns .
31
34
32
35
More complicated queries typically look like this:
33
36
@@ -57,7 +60,7 @@ Exercise 1
57
60
58
61
Write a query which returns the length of the string ``"lgtm"``. (Hint: `here <https://codeql.github.com/docs/ql-language-reference/ql-language-specification/#built-ins-for-string>`__ is the list of the functions that can be applied to strings.)
59
62
60
-
➤ `See answer in the query console on LGTM.com <https://lgtm.com/query/2103060623/>`__
63
+
➤ `Check your answer <#exercise-1>`__
61
64
62
65
There is often more than one way to define a query. For example, we can also write the above query in the shorter form:
63
66
@@ -70,21 +73,21 @@ Exercise 2
70
73
71
74
Write a query which returns the sine of the minimum of ``3^5`` (``3`` raised to the power ``5``) and ``245.6``.
72
75
73
-
➤ `See answer in the query console on LGTM.com <https://lgtm.com/query/2093780343/>`__
76
+
➤ `Check your answer <#exercise-2>`__
74
77
75
78
Exercise 3
76
79
~~~~~~~~~~
77
80
78
81
Write a query which returns the opposite of the boolean ``false``.
79
82
80
-
➤ `See answer in the query console on LGTM.com <https://lgtm.com/query/2093780344/>`__
83
+
➤ `Check your answer <#exercise-3>`__
81
84
82
85
Exercise 4
83
86
~~~~~~~~~~
84
87
85
88
Write a query which computes the number of days between June 10 and September 28, 2017.
86
89
87
-
➤ `See answer in the query console on LGTM.com <https://lgtm.com/query/2100260596/>`__
90
+
➤ `Check your answer <#exercise-4>`__
88
91
89
92
Example query with multiple results
90
93
-----------------------------------
@@ -98,7 +101,7 @@ The exercises above all show queries with exactly one result, but in fact many q
98
101
x*x + y*y = z*z
99
102
select x, y, z
100
103
101
-
➤ `See this in the query console on LGTM.com <https://lgtm.com/query/2100790036/>`__
To simplify the query, we can introduce a class ``SmallInt`` representing the integers between 1 and 10. We can also define a predicate ``square()`` on integers in that class. Defining classes and predicates in this way makes it easy to reuse code without having to repeat it every time.
104
107
@@ -113,7 +116,7 @@ To simplify the query, we can introduce a class ``SmallInt`` representing the in
113
116
where x.square() + y.square() = z.square()
114
117
select x, y, z
115
118
116
-
➤ `See this in the query console on LGTM.com <https://lgtm.com/query/2101340747/>`__
@@ -134,7 +137,9 @@ To import the CodeQL library for a specific programming language, type ``import
134
137
where count(f.getAnArg()) > 7
135
138
select f
136
139
137
-
➤ `See this in the query console on LGTM.com <https://lgtm.com/query/2096810474/>`__. The ``from`` clause defines a variable ``f`` representing a Python function. The ``where`` part limits the functions ``f`` to those with more than 7 arguments. Finally, the ``select`` clause lists these functions.
140
+
➤ The ``from`` clause defines a variable ``f`` representing a Python function. The ``where`` part limits the functions ``f`` to those with more than 7 arguments. Finally, the ``select`` clause lists these functions.
@@ -144,7 +149,9 @@ To import the CodeQL library for a specific programming language, type ``import
144
149
where c.getText().regexpMatch("(?si).*\\bTODO\\b.*")
145
150
select c
146
151
147
-
➤ `See this in the query console on LGTM.com <https://lgtm.com/query/2101530483/>`__. The ``from`` clause defines a variable ``c`` representing a JavaScript comment. The ``where`` part limits the comments ``c`` to those containing the word ``"TODO"``. The ``select`` clause lists these comments.
152
+
➤ The ``from`` clause defines a variable ``c`` representing a JavaScript comment. The ``where`` part limits the comments ``c`` to those containing the word ``"TODO"``. The ``select`` clause lists these comments.
@@ -154,9 +161,54 @@ To import the CodeQL library for a specific programming language, type ``import
154
161
where not exists(p.getAnAccess())
155
162
select p
156
163
157
-
➤ `See this in the query console on LGTM.com <https://lgtm.com/query/2098670762/>`__. The ``from`` clause defines a variable ``p`` representing a Java parameter. The ``where`` clause finds unused parameters by limiting the parameters ``p`` to those which are not accessed. Finally, the ``select`` clause lists these parameters.
164
+
➤ The ``from`` clause defines a variable ``p`` representing a Java parameter. The ``where`` clause finds unused parameters by limiting the parameters ``p`` to those which are not accessed. Finally, the ``select`` clause lists these parameters.
- For a more technical description of the underlying language, see the ":ref:`QL language reference <ql-language-reference>`."
171
+
- For a more technical description of the underlying language, see the ":ref:`QL language reference <ql-language-reference>`."
172
+
173
+
--------------
174
+
175
+
Answers
176
+
-------
177
+
178
+
In these answers, we use ``/*`` and ``*/`` to label the different parts of the query. Any text surrounded by ``/*`` and ``*/`` is not evaluated as part of the QL code, but is treated as a *comment*.
179
+
180
+
Exercise 1
181
+
~~~~~~~~~~
182
+
183
+
.. code-block:: ql
184
+
185
+
from string s
186
+
where s = "lgtm"
187
+
select s.length()
188
+
189
+
Exercise 2
190
+
~~~~~~~~~~
191
+
192
+
.. code-block:: ql
193
+
194
+
from float x, float y
195
+
where x = 3.pow(5) and y = 245.6
196
+
select x.minimum(y).sin()
197
+
198
+
Exercise 3
199
+
~~~~~~~~~~
200
+
201
+
.. code-block:: ql
202
+
203
+
from boolean b
204
+
where b = false
205
+
select b.booleanNot()
206
+
207
+
Exercise 4
208
+
~~~~~~~~~~
209
+
210
+
.. code-block:: ql
211
+
212
+
from date start, date end
213
+
where start = "10/06/2017".toDate() and end = "28/09/2017".toDate()
0 commit comments