You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/analyzing-data-flow-in-java.rst
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,9 +1,9 @@
1
1
.. _analyzing-data-flow-in-java:
2
2
3
-
Analyzing data flow in Java
4
-
===========================
3
+
Analyzing data flow in Java and Kotlin
4
+
======================================
5
5
6
-
You can use CodeQL to track the flow of data through a Java program to its use.
6
+
You can use CodeQL to track the flow of data through a Java/Kotlin program to its use.
7
7
8
8
.. include:: ../reusables/kotlin-beta-note.rst
9
9
@@ -12,7 +12,7 @@ You can use CodeQL to track the flow of data through a Java program to its use.
12
12
About this article
13
13
------------------
14
14
15
-
This article describes how data flow analysis is implemented in the CodeQL libraries for Java and includes examples to help you write your own data flow queries.
15
+
This article describes how data flow analysis is implemented in the CodeQL libraries for Java/Kotlin and includes examples to help you write your own data flow queries.
16
16
The following sections describe how to use the libraries for local data flow, global data flow, and taint tracking.
17
17
18
18
For a more general introduction to modeling data flow, see ":ref:`About data flow analysis <about-data-flow-analysis>`."
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/annotations-in-java.rst
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,9 +1,11 @@
1
1
.. _annotations-in-java:
2
2
3
-
Annotations in Java
4
-
===================
3
+
Annotations in Java and Kotlin
4
+
==============================
5
5
6
-
CodeQL databases of Java projects contain information about all annotations attached to program elements.
6
+
CodeQL databases of Java/Kotlin projects contain information about all annotations attached to program elements.
7
+
8
+
.. include:: ../reusables/kotlin-beta-note.rst
7
9
8
10
About working with annotations
9
11
------------------------------
@@ -15,7 +17,7 @@ Annotations are represented by these CodeQL classes:
15
17
- The class ``AnnotationElement`` represents an annotation element, that is, a member of an annotation type.
16
18
- The class ``Annotation`` represents an annotation such as ``@Override``; annotation values can be accessed through member predicate ``getValue``.
17
19
18
-
For example, the Java standard library defines an annotation ``SuppressWarnings`` that instructs the compiler not to emit certain kinds of warnings:
20
+
For example, the Java/Kotlin standard library defines an annotation ``SuppressWarnings`` that instructs the compiler not to emit certain kinds of warnings:
19
21
20
22
.. code-block:: java
21
23
@@ -101,7 +103,7 @@ As a first step, let's write a query that finds all ``@Override`` annotations. A
101
103
where ann.getType().hasQualifiedName("java.lang", "Override")
102
104
select ann
103
105
104
-
As always, it is a good idea to try this query on a CodeQL database for a Java project to make sure it actually produces some results. On the earlier example, it should find the annotation on ``Sub1.m``. Next, we encapsulate the concept of an ``@Override`` annotation as a CodeQL class:
106
+
As always, it is a good idea to try this query on a CodeQL database for a Java/Kotlin project to make sure it actually produces some results. On the earlier example, it should find the annotation on ``Sub1.m``. Next, we encapsulate the concept of an ``@Override`` annotation as a CodeQL class:
105
107
106
108
::
107
109
@@ -185,7 +187,7 @@ For more information about the class ``Call``, see ":doc:`Navigating the call gr
185
187
Improvements
186
188
~~~~~~~~~~~~
187
189
188
-
The Java standard library provides another annotation type ``java.lang.SupressWarnings`` that can be used to suppress certain categories of warnings. In particular, it can be used to turn off warnings about calls to deprecated methods. Therefore, it makes sense to improve our query to ignore calls to deprecated methods from inside methods that are marked with ``@SuppressWarnings("deprecation")``.
190
+
The Java/Kotlin standard library provides another annotation type ``java.lang.SupressWarnings`` that can be used to suppress certain categories of warnings. In particular, it can be used to turn off warnings about calls to deprecated methods. Therefore, it makes sense to improve our query to ignore calls to deprecated methods from inside methods that are marked with ``@SuppressWarnings("deprecation")``.
189
191
190
192
For instance, consider this slightly updated example:
Copy file name to clipboardExpand all lines: docs/codeql/codeql-language-guides/basic-query-for-javascript-code.rst
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
.. _basic-query-for-javascript-code:
2
2
3
-
Basic query for JavaScript code
4
-
===============================
3
+
Basic query for JavaScript and TypeScript code
4
+
===============================================
5
5
6
6
Learn to write and run a simple CodeQL query using Visual Studio Code with the CodeQL extension.
7
7
@@ -10,7 +10,7 @@ Learn to write and run a simple CodeQL query using Visual Studio Code with the C
10
10
About the query
11
11
---------------
12
12
13
-
In JavaScript, any expression can be turned into an expression statement. While this is sometimes convenient, it can be dangerous. For example, imagine a programmer wants to assign a new value to a variable ``x`` by means of an assignment ``x = 42``. However, they accidentally type two equals signs, producing the comparison statement ``x == 42``. This is valid JavaScript, so no error is generated. The statement simply compares ``x`` to ``42``, and then discards the result of the comparison.
13
+
In JavaScript and TypeScript, any expression can be turned into an expression statement. While this is sometimes convenient, it can be dangerous. For example, imagine a programmer wants to assign a new value to a variable ``x`` by means of an assignment ``x = 42``. However, they accidentally type two equals signs, producing the comparison statement ``x == 42``. This is valid JavaScript, so no error is generated. The statement simply compares ``x`` to ``42``, and then discards the result of the comparison.
14
14
15
15
The query you will run finds instances of this problem. The query searches for expressions ``e`` that are pure—that is, their evaluation does not lead to any side effects—but appear as an expression statement.
16
16
@@ -50,7 +50,7 @@ After the initial ``import`` statement, this simple query comprises three parts
| ``import javascript`` | Imports the standard CodeQL libraries for JavaScript. | Every query begins with one or more ``import`` statements. |
53
+
| ``import javascript`` | Imports the standard CodeQL libraries for JavaScript and TypeScript.| Every query begins with one or more ``import`` statements. |
- :doc:`Basic query for Java code <basic-query-for-java-code>`: Learn to write and run a simple CodeQL query.
29
+
- :doc:`Basic query for Java and Kotlin code <basic-query-for-java-code>`: Learn to write and run a simple CodeQL query.
30
30
31
-
- :doc:`CodeQL library for Java <codeql-library-for-java>`: When analyzing Java code, you can use the large collection of classes in the CodeQL library for Java.
31
+
- :doc:`CodeQL library for Java and Kotlin <codeql-library-for-java>`: When analyzing Java/Kotlin code, you can use the large collection of classes in the CodeQL library for Java/Kotlin.
32
32
33
-
- :doc:`Analyzing data flow in Java <analyzing-data-flow-in-java>`: You can use CodeQL to track the flow of data through a Java program to its use.
33
+
- :doc:`Analyzing data flow in Java and Kotlin <analyzing-data-flow-in-java>`: You can use CodeQL to track the flow of data through a Java/Kotlin program to its use.
34
34
35
-
- :doc:`Java types <types-in-java>`: You can use CodeQL to find out information about data types used in Java code. This allows you to write queries to identify specific type-related issues.
35
+
- :doc:`Java and Kotlin types <types-in-java>`: You can use CodeQL to find out information about data types used in Java/Kotlin code. This allows you to write queries to identify specific type-related issues.
36
36
37
-
- :doc:`Overflow-prone comparisons in Java <overflow-prone-comparisons-in-java>`: You can use CodeQL to check for comparisons in Java code where one side of the comparison is prone to overflow.
37
+
- :doc:`Overflow-prone comparisons in Java and Kotlin <overflow-prone-comparisons-in-java>`: You can use CodeQL to check for comparisons in Java/Kotlin code where one side of the comparison is prone to overflow.
38
38
39
39
- :doc:`Navigating the call graph <navigating-the-call-graph>`: CodeQL has classes for identifying code that calls other code, and code that can be called from elsewhere. This allows you to find, for example, methods that are never used.
40
40
41
-
- :doc:`Annotations in Java <annotations-in-java>`: CodeQL databases of Java projects contain information about all annotations attached to program elements.
41
+
- :doc:`Annotations in Java and Kotlin <annotations-in-java>`: CodeQL databases of Java/Kotlin projects contain information about all annotations attached to program elements.
42
42
43
43
- :doc:`Javadoc <javadoc>`: You can use CodeQL to find errors in Javadoc comments in Java code.
44
44
45
-
- :doc:`Working with source locations <working-with-source-locations>`: You can use the location of entities within Java code to look for potential errors. Locations allow you to deduce the presence, or absence, of white space which, in some cases, may indicate a problem.
45
+
- :doc:`Working with source locations <working-with-source-locations>`: You can use the location of entities within Java/Kotlin code to look for potential errors. Locations allow you to deduce the presence, or absence, of white space which, in some cases, may indicate a problem.
46
46
47
-
- :doc:`Abstract syntax tree classes for working with Java programs <abstract-syntax-tree-classes-for-working-with-java-programs>`: CodeQL has a large selection of classes for representing the abstract syntax tree of Java programs.
47
+
- :doc:`Abstract syntax tree classes for working with Java and Kotlin programs <abstract-syntax-tree-classes-for-working-with-java-programs>`: CodeQL has a large selection of classes for representing the abstract syntax tree of Java/Kotlin programs.
- :doc:`Basic query for JavaScript code <basic-query-for-javascript-code>`: Learn to write and run a simple CodeQL query.
21
+
- :doc:`Basic query for JavaScript and TypeScript code <basic-query-for-javascript-code>`: Learn to write and run a simple CodeQL query.
22
22
23
23
- :doc:`CodeQL library for JavaScript <codeql-library-for-javascript>`: When you're analyzing a JavaScript program, you can make use of the large collection of classes in the CodeQL library for JavaScript.
0 commit comments