You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,8 +16,8 @@ You use CodeQL packs to share your expertise in query writing, CodeQL library de
16
16
There are three types of CodeQL pack, each with a specific purpose.
17
17
18
18
- Query packs are designed to be run. When a query pack is published, the bundle includes all the transitive dependencies and pre-compiled representations of each query, in addition to the query sources. This ensures consistent and efficient execution of the queries in the pack.
19
-
- Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled separately.
20
19
- Model packs are used to model dependencies that are not supported by the standard CodeQL libraries. When you add a model pack to your analysis, all extensible queries also analyze the sources and sinks of the dependencies defined in the pack.
20
+
- Library packs are designed to be used by query packs (or other library packs) and do not contain queries themselves. The libraries are not compiled separately.
21
21
22
22
Using the CodeQL packs shipped with the CLI in Visual Studio Code
@@ -31,15 +31,15 @@ Working with CodeQL query packs
31
31
One of the main benefits of working with a CodeQL query pack is that all dependecies are resolved, not just those defined within the query and standard libraries.
32
32
33
33
Creating and editing CodeQL query packs
34
-
'''''''''''''''''''''''''''''''''''''''
34
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
35
35
To create a new query pack, you will need to use the CodeQL CLI from a terminal, which you can do within Visual Studio Code or outside of it with the ``codeql pack init`` command. Once you create an empty pack, you can edit the ``qlpack.yml`` file or run the ``codeql pack add`` command to add dependencies or change the name or version. For detailed information, see "`Creating and working with CodeQL packs <https://docs.github.com/en/code-security/codeql-cli/using-the-codeql-cli/creating-and-working-with-codeql-packs>`__."
36
36
37
37
You can create or edit queries in a CodeQL pack in Visual Studio Code as you would with any CodeQL query, using the standard code editing features such as autocomplete suggestions to find elements to use from the pack's dependencies.
38
38
39
39
You can then use the CodeQL CLI to publish your pack to share with others. For detailed information, see "`Publishing and using CodeQL packs <https://docs.github.com/en/code-security/codeql-cli/using-the-codeql-cli/publishing-and-using-codeql-packs>`__."
40
40
41
41
Viewing CodeQL query packs and their dependencies
42
-
'''''''''''''''''''''''''''''''''''''''''''''''''
42
+
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
43
43
To download a query pack that someone else has created, run the **CodeQL: Download Packs** command from the Command Palette.
44
44
You can download all the core query packs, or enter the full name of a specific pack to download. For example, to download the core queries for analyzing Java and Kotlin, enter ``codeql/java-queries``.
45
45
@@ -56,4 +56,4 @@ The CodeQL extension for Visual Studio Code includes a dedicated editor for crea
56
56
57
57
TODO a little more, but mostly about the general use, because editing will be in a new article.
- :doc:`Basic query for Java code <basic-query-for-java-code>`: Learn to write and run a simple CodeQL query.
31
31
@@ -47,4 +47,4 @@ Experiment and learn how to write effective and efficient queries for CodeQL dat
47
47
48
48
- :doc:`Abstract syntax tree classes for working with Java programs <abstract-syntax-tree-classes-for-working-with-java-programs>`: CodeQL has a large selection of classes for representing the abstract syntax tree of Java programs.
49
49
50
-
- :doc:`Data extensions to model your Java/Kotlin dependencies`: You can model frameworks and libraries that your code base depends on using data extensions and publish them as CodeQL model packs.
50
+
- :doc:`Data extensions to model your Java/Kotlin dependencies<data-extensions-to-model-java-dependencies>`: You can model frameworks and libraries that your code base depends on using data extensions and publish them as CodeQL model packs.
Copy file name to clipboardExpand all lines: docs/codeql/reusables/beta-note-model-pack-editor-vsc.rst
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,4 +2,4 @@
2
2
3
3
Note
4
4
5
-
The CodeQL model editor and CodeQL model packs are currently in beta and subject to change. During the beta, model packs are supported only by Java/Kotlin analysis. To use this beta functionality, install the latest version of the CodeQL CLI bundle from: https://github.com/github/codeql-action/releases.
5
+
The CodeQL model editor and CodeQL model packs are currently in beta and subject to change. During the beta, model packs are supported only by Java/Kotlin analysis. To use this beta functionality, install the latest version of the CodeQL extension for Visual Studio Code.
0 commit comments