diff --git a/docs/language/README.rst b/docs/language/README.rst index f2e2cdc5f5e..c2fe8019908 100644 --- a/docs/language/README.rst +++ b/docs/language/README.rst @@ -49,7 +49,7 @@ Building and previewing the QL language documentation ***************************************************** To build and preview the QL documentation and QL training presentations locally, you need to -install Sphinx 1.7.9. More recent versions of Sphinx do not work with hieoroglyph, +install Sphinx 1.7.9. More recent versions of Sphinx do not work with hieroglyph, the Sphinx extension that we use to generate HTML slides, as explained below. For installation options, see https://github.com/sphinx-doc/sphinx. diff --git a/docs/language/learn-ql/ql-training.rst b/docs/language/learn-ql/ql-training.rst index 37155b53e97..1bbaa20376a 100644 --- a/docs/language/learn-ql/ql-training.rst +++ b/docs/language/learn-ql/ql-training.rst @@ -4,7 +4,7 @@ QL training and variant analysis examples QL and variant analysis ======================= -`Variant analysis `__ is the process of using a known vulnerability as a seed to find similar problems in your code. Security engineers typically perform variant analysis to identify possible vulnerabilities and to ensure these threats are properly fixed across multiple code bases. +`Variant analysis `__ is the process of using a known vulnerability as a seed to find similar problems in your code. Security engineers typically perform variant analysis to identify possible vulnerabilities and to ensure that these threats are properly fixed across multiple code bases. `QL `__ is Semmle's variant analysis engine, and it is also the technology that underpins LGTM, Semmle's community driven security analysis platform. Together, QL and LGTM provide continuous monitoring and scalable variant analysis for your projects, even if you don’t have your own team of dedicated security engineers. You can read more about using QL and LGTM in variant analysis in the `Semmle blog `__. @@ -48,7 +48,7 @@ QL and variant analysis for Java -------------------------------- - `Introduction to variant analysis: QL for Java <../ql-training/java/intro-ql-java.html>`__–an introduction to variant analysis and QL for Java programmers. -- `Example: Query injection <../ql-training/java/query-injection-java.html>`__–an example of iterative query development to find unsanitized SPARQL injection in a Java project. +- `Example: Query injection <../ql-training/java/query-injection-java.html>`__–an example of iterative query development to find unsanitized SPARQL injections in a Java project. - `Program representation: QL for Java <../ql-training/java/program-representation-java.html>`__–information on how QL analysis represents Java programs. - `Introduction to local data flow <../ql-training/java/data-flow-java.html>`__–an introduction to analyzing local data flow in Java using QL, including an example demonstrating how to develop a query to find a real CVE. - `Exercise: Apache Struts <../ql-training/java/apache-struts-java.html>`__–an example demonstrating how to develop a data flow query. @@ -60,4 +60,4 @@ More resources - If you are completely new to QL, look at our introductory topics in :ref:`Getting started `. - To find more detailed information about how to write QL queries for specific languages, visit the links in :ref:`Writing QL queries `. - To read more about how QL queries have been used in Semmle's security research, and to read about new QL developments, visit the `Semmle blog `__. -- Find more examples of queries written by Semmle's own security researchers in the `Semmle Demos repository `__ on GitHub. \ No newline at end of file +- Find more examples of queries written by Semmle's own security researchers in the `Semmle Demos repository `__ on GitHub.