From 8cba276b87e17fa3bfbbef3522dd9e863eaa7487 Mon Sep 17 00:00:00 2001 From: Ben Ahmady <32935794+subatoi@users.noreply.github.com> Date: Thu, 25 Apr 2024 07:59:33 +0000 Subject: [PATCH] Deprecate the CodeQL for VS Code docs in favour of docs.github.com version --- CONTRIBUTING.md | 4 +++- README.md | 2 +- .../about-codeql-for-visual-studio-code.rst | 2 ++ .../about-telemetry-in-codeql-for-visual-studio-code.rst | 2 ++ .../analyzing-your-projects.rst | 2 ++ .../codeql-for-visual-studio-code/customizing-settings.rst | 2 ++ .../exploring-data-flow-with-path-queries.rst | 2 ++ .../exploring-the-structure-of-your-source-code.rst | 2 ++ docs/codeql/codeql-for-visual-studio-code/index.rst | 2 ++ .../running-codeql-queries-at-scale-with-mrva.rst | 2 ++ .../setting-up-codeql-in-visual-studio-code.rst | 2 ++ .../testing-codeql-queries-in-visual-studio-code.rst | 2 ++ .../troubleshooting-codeql-for-visual-studio-code.rst | 2 ++ .../troubleshooting-variant-analysis.rst | 2 ++ .../using-the-codeql-model-editor.rst | 2 ++ .../working-with-codeql-packs-in-visual-studio-code.rst | 2 ++ .../codeql-language-guides/codeql-library-for-ruby.rst | 2 +- docs/codeql/codeql-overview/about-codeql.rst | 4 ++-- .../codeql-overview/codeql-changelog/codeql-cli-2.8.1.rst | 2 +- docs/codeql/codeql-overview/codeql-tools.rst | 4 ++-- docs/codeql/ql-training/cpp/bad-overflow-guard.rst | 2 +- docs/codeql/ql-training/cpp/control-flow-cpp.rst | 2 +- docs/codeql/ql-training/cpp/data-flow-cpp.rst | 2 +- docs/codeql/ql-training/cpp/global-data-flow-cpp.rst | 2 +- docs/codeql/ql-training/cpp/intro-ql-cpp.rst | 2 +- docs/codeql/ql-training/cpp/snprintf.rst | 2 +- docs/codeql/ql-training/java/apache-struts-java.rst | 2 +- docs/codeql/ql-training/java/data-flow-java.rst | 2 +- docs/codeql/ql-training/java/global-data-flow-java.rst | 2 +- docs/codeql/ql-training/java/intro-ql-java.rst | 2 +- docs/codeql/ql-training/java/query-injection-java.rst | 2 +- docs/codeql/ql-training/template.rst | 2 +- docs/codeql/reusables/deprecation-note.rst | 6 ++++++ .../codeql/writing-codeql-queries/creating-path-queries.rst | 4 ++-- .../defining-the-results-of-a-query.rst | 2 +- docs/codeql/writing-codeql-queries/introduction-to-ql.rst | 4 ++-- .../writing-codeql-queries/metadata-for-codeql-queries.rst | 2 +- docs/ql-style-guide.md | 2 +- docs/supported-queries.md | 2 +- go/CONTRIBUTING.md | 2 +- go/ql/docs/experimental.md | 2 +- python/ql/src/CHANGELOG.md | 2 +- python/ql/src/change-notes/released/0.0.9.md | 2 +- 43 files changed, 68 insertions(+), 32 deletions(-) create mode 100644 docs/codeql/reusables/deprecation-note.rst diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5324ac8f301..a0efca6dec9 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,6 +4,8 @@ We welcome contributions to our CodeQL libraries and queries. Got an idea for a There is lots of useful documentation to help you write queries, ranging from information about query file structure to tutorials for specific target languages. For more information on the documentation available, see [CodeQL queries](https://codeql.github.com/docs/writing-codeql-queries/codeql-queries) on [codeql.github.com](https://codeql.github.com). +Note that the CodeQL for Visual Studio Code documentation has been migrated to https://docs.github.com/en/code-security/codeql-for-vs-code/, but you can still contribute to it via a different repository. For more information, see [Contributing to GitHub Docs documentation](https://docs.github.com/en/contributing)." + ## Change notes Any nontrivial user-visible change to a query pack or library pack should have a change note. For details on how to add a change note for your change, see [this guide](docs/change-notes.md). @@ -43,7 +45,7 @@ If you have an idea for a query that you would like to share with other CodeQL u 3. **Formatting** - - The queries and libraries must be autoformatted, for example using the "Format Document" command in [CodeQL for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code). + - The queries and libraries must be autoformatted, for example using the "Format Document" command in [CodeQL for Visual Studio Code](https://docs.github.com/en/code-security/codeql-for-vs-code/). If you prefer, you can either: 1. install the [pre-commit framework](https://pre-commit.com/) and install the configured hooks on this repo via `pre-commit install`, or diff --git a/README.md b/README.md index 57ecf54486c..42382b1d834 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ This open source repository contains the standard CodeQL libraries and queries t ## How do I learn CodeQL and run queries? -There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL using the [CodeQL extension for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/) and the [CodeQL CLI](https://codeql.github.com/docs/codeql-cli/). +There is [extensive documentation](https://codeql.github.com/docs/) on getting started with writing CodeQL using the [CodeQL extension for Visual Studio Code](https://docs.github.com/en/code-security/codeql-for-vs-code/) and the [CodeQL CLI](https://codeql.github.com/docs/codeql-cli/). ## Contributing diff --git a/docs/codeql/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code.rst index 72e2756ea5c..f0dfbe29017 100644 --- a/docs/codeql/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code.rst @@ -5,6 +5,8 @@ About CodeQL for Visual Studio Code ================================================= +.. include:: ../reusables/deprecation-note.rst + CodeQL for Visual Studio Code is an extension that lets you write, run, and test CodeQL queries in Visual Studio Code. Features diff --git a/docs/codeql/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code.rst index f3258e013f7..832e6d4e856 100644 --- a/docs/codeql/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/about-telemetry-in-codeql-for-visual-studio-code.rst @@ -5,6 +5,8 @@ About telemetry in CodeQL for Visual Studio Code ================================================= +.. include:: ../reusables/deprecation-note.rst + If you specifically opt in to permit GitHub to do so, GitHub will collect usage data and metrics for the purposes of helping the core developers to improve the CodeQL extension for VS Code. This data will not be shared with any parties outside of GitHub. IP addresses and installation IDs will be retained for a maximum of 30 days. Anonymous data will be retained for a maximum of 180 days. diff --git a/docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst b/docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst index 62d48c6fbd8..dea8007c460 100644 --- a/docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst +++ b/docs/codeql/codeql-for-visual-studio-code/analyzing-your-projects.rst @@ -5,6 +5,8 @@ Analyzing your projects ================================================= +.. include:: ../reusables/deprecation-note.rst + You can run queries on CodeQL databases and view the results in Visual Studio Code. This article explains how to get a CodeQL database and analyze it on your local machine. For information on running analysis at scale across many CodeQL databases, see ":ref:`Running CodeQL queries at scale with multi-repository variant analysis `." Choosing a database diff --git a/docs/codeql/codeql-for-visual-studio-code/customizing-settings.rst b/docs/codeql/codeql-for-visual-studio-code/customizing-settings.rst index 88ad273a3d6..737024861a6 100644 --- a/docs/codeql/codeql-for-visual-studio-code/customizing-settings.rst +++ b/docs/codeql/codeql-for-visual-studio-code/customizing-settings.rst @@ -5,6 +5,8 @@ Customizing settings ==================== +.. include:: ../reusables/deprecation-note.rst + You can edit the settings for the CodeQL extension to suit your needs. About CodeQL extension settings diff --git a/docs/codeql/codeql-for-visual-studio-code/exploring-data-flow-with-path-queries.rst b/docs/codeql/codeql-for-visual-studio-code/exploring-data-flow-with-path-queries.rst index dec599829ed..9975d06b0eb 100644 --- a/docs/codeql/codeql-for-visual-studio-code/exploring-data-flow-with-path-queries.rst +++ b/docs/codeql/codeql-for-visual-studio-code/exploring-data-flow-with-path-queries.rst @@ -5,6 +5,8 @@ Exploring data flow with path queries ===================================== +.. include:: ../reusables/deprecation-note.rst + You can run CodeQL queries in VS Code to help you track the flow of data through a program, highlighting areas that are potential security vulnerabilities. About path queries diff --git a/docs/codeql/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code.rst b/docs/codeql/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code.rst index 708b2f0cc0c..9494902d24e 100644 --- a/docs/codeql/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code.rst @@ -5,6 +5,8 @@ Exploring the structure of your source code ================================================= +.. include:: ../reusables/deprecation-note.rst + You can use the AST viewer to display the abstract syntax tree of a CodeQL database. About the abstract syntax tree diff --git a/docs/codeql/codeql-for-visual-studio-code/index.rst b/docs/codeql/codeql-for-visual-studio-code/index.rst index fc615f932f8..6207d37b286 100644 --- a/docs/codeql/codeql-for-visual-studio-code/index.rst +++ b/docs/codeql/codeql-for-visual-studio-code/index.rst @@ -3,6 +3,8 @@ CodeQL for Visual Studio Code ============================= +.. include:: ../reusables/deprecation-note.rst + The CodeQL extension for Visual Studio Code adds rich language support for CodeQL and allows you to easily find problems in codebases. - :doc:`About CodeQL for Visual Studio Code diff --git a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst index dad191274de..2c591c68948 100644 --- a/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst +++ b/docs/codeql/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva.rst @@ -5,6 +5,8 @@ Running CodeQL queries at scale with multi-repository variant analysis ====================================================================== +.. include:: ../reusables/deprecation-note.rst + .. include:: ../reusables/beta-note-mrva.rst About multi-repository variant analysis diff --git a/docs/codeql/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code.rst index ac67d31afde..fd553d49ab9 100644 --- a/docs/codeql/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/setting-up-codeql-in-visual-studio-code.rst @@ -5,6 +5,8 @@ Setting up CodeQL in Visual Studio Code ================================================= +.. include:: ../reusables/deprecation-note.rst + You can install and configure the CodeQL extension in Visual Studio Code. .. include:: ../reusables/license-note.rst diff --git a/docs/codeql/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code.rst index 7e19e78bd42..8f77e0110bc 100644 --- a/docs/codeql/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/testing-codeql-queries-in-visual-studio-code.rst @@ -5,6 +5,8 @@ Testing CodeQL queries in Visual Studio Code ============================================ +.. include:: ../reusables/deprecation-note.rst + You can run unit tests for CodeQL queries using the Visual Studio Code extension. When you are sure that your query finds the results you want to identify, you can use variant analysis to run it at scale. For information on running analysis at scale across many CodeQL databases, see ":ref:`Running CodeQL queries at scale with multi-repository variant analysis `." About testing queries in VS Code diff --git a/docs/codeql/codeql-for-visual-studio-code/troubleshooting-codeql-for-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/troubleshooting-codeql-for-visual-studio-code.rst index 2eecc28f0fb..cdd6579b6aa 100644 --- a/docs/codeql/codeql-for-visual-studio-code/troubleshooting-codeql-for-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/troubleshooting-codeql-for-visual-studio-code.rst @@ -5,6 +5,8 @@ Troubleshooting CodeQL for Visual Studio Code ============================================= +.. include:: ../reusables/deprecation-note.rst + This article explains how to debug problems with the analysis of CodeQL databases that are stored on your local machine. For information on troubleshooting variant analysis, which runs on GitHub.com, see ":ref:`Troubleshooting variant analysis `." diff --git a/docs/codeql/codeql-for-visual-studio-code/troubleshooting-variant-analysis.rst b/docs/codeql/codeql-for-visual-studio-code/troubleshooting-variant-analysis.rst index 5d9137dee5c..f052bb1722c 100644 --- a/docs/codeql/codeql-for-visual-studio-code/troubleshooting-variant-analysis.rst +++ b/docs/codeql/codeql-for-visual-studio-code/troubleshooting-variant-analysis.rst @@ -5,6 +5,8 @@ Troubleshooting variant analysis ================================ +.. include:: ../reusables/deprecation-note.rst + .. include:: ../reusables/beta-note-mrva.rst This article explains how to debug problems with variant analysis, that is, analysis run using GitHub Actions diff --git a/docs/codeql/codeql-for-visual-studio-code/using-the-codeql-model-editor.rst b/docs/codeql/codeql-for-visual-studio-code/using-the-codeql-model-editor.rst index d1dce1a6771..5c61e780da5 100644 --- a/docs/codeql/codeql-for-visual-studio-code/using-the-codeql-model-editor.rst +++ b/docs/codeql/codeql-for-visual-studio-code/using-the-codeql-model-editor.rst @@ -5,6 +5,8 @@ Using the CodeQL model editor ============================= +.. include:: ../reusables/deprecation-note.rst + .. include:: ../reusables/beta-note-model-pack-editor-vsc.rst You can view, write, and edit CodeQL packs in Visual Studio Code using the CodeQL extension. The model editor is designed to help you model external dependencies of your codebase that are not supported by the standard CodeQL Libraries. diff --git a/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst b/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst index fe1e9a0bbdd..a652021b1c3 100644 --- a/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst +++ b/docs/codeql/codeql-for-visual-studio-code/working-with-codeql-packs-in-visual-studio-code.rst @@ -5,6 +5,8 @@ Working with CodeQL packs in Visual Studio Code =============================================== +.. include:: ../reusables/deprecation-note.rst + .. include:: ../reusables/beta-note-package-management.rst You can view, write, and edit all types of CodeQL packs in Visual Studio Code using the CodeQL extension. diff --git a/docs/codeql/codeql-language-guides/codeql-library-for-ruby.rst b/docs/codeql/codeql-language-guides/codeql-library-for-ruby.rst index 7db0028eb03..9d8f218edca 100644 --- a/docs/codeql/codeql-language-guides/codeql-library-for-ruby.rst +++ b/docs/codeql/codeql-language-guides/codeql-library-for-ruby.rst @@ -73,7 +73,7 @@ The CodeQL examples in this article are only excerpts and are not meant to repre Abstract syntax --------------- -The abstract syntax tree (AST) represents the elements of the source code organized into a tree. The `AST viewer `__ +The abstract syntax tree (AST) represents the elements of the source code organized into a tree. The `AST viewer `__ in Visual Studio Code shows the AST nodes, including the relevant CodeQL classes and predicates. All CodeQL AST classes inherit from the `AstNode` class, which provides the following member predicates diff --git a/docs/codeql/codeql-overview/about-codeql.rst b/docs/codeql/codeql-overview/about-codeql.rst index 1392e1c7330..db48990e96c 100644 --- a/docs/codeql/codeql-overview/about-codeql.rst +++ b/docs/codeql/codeql-overview/about-codeql.rst @@ -70,8 +70,8 @@ Query execution After you've created a CodeQL database, one or more queries are executed against it. CodeQL queries are written in a specially-designed object-oriented query language called QL. You can run the queries checked out from the CodeQL -repo (or custom queries that you've written yourself) using the :ref:`CodeQL -for VS Code extension ` or the `CodeQL CLI +repo (or custom queries that you've written yourself) using the `CodeQL +for VS Code extension ` or the `CodeQL CLI `__. For more information about queries, see ":ref:`About CodeQL queries `." .. _interpret-query-results: diff --git a/docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.1.rst b/docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.1.rst index 7c76c396073..5197b2f6165 100644 --- a/docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.1.rst +++ b/docs/codeql/codeql-overview/codeql-changelog/codeql-cli-2.8.1.rst @@ -82,7 +82,7 @@ Bug Fixes Python """""" -* The `View AST functionality `__ no longer prints detailed information about regular expressions, greatly improving performance. +* The `View AST functionality `__ no longer prints detailed information about regular expressions, greatly improving performance. Minor Analysis Improvements ~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/docs/codeql/codeql-overview/codeql-tools.rst b/docs/codeql/codeql-overview/codeql-tools.rst index c6df9d8882d..0adb630bf25 100644 --- a/docs/codeql/codeql-overview/codeql-tools.rst +++ b/docs/codeql/codeql-overview/codeql-tools.rst @@ -53,5 +53,5 @@ CodeQL for Visual Studio Code You can analyze CodeQL databases in Visual Studio Code using the CodeQL extension, which provides an enhanced environment for writing and running custom -queries and viewing the results. For more information, see ":ref:`CodeQL -for Visual Studio Code `." \ No newline at end of file +queries and viewing the results. For more information, see "`CodeQL +for Visual Studio Code `." \ No newline at end of file diff --git a/docs/codeql/ql-training/cpp/bad-overflow-guard.rst b/docs/codeql/ql-training/cpp/bad-overflow-guard.rst index 55657871b4f..07a5b78af76 100644 --- a/docs/codeql/ql-training/cpp/bad-overflow-guard.rst +++ b/docs/codeql/ql-training/cpp/bad-overflow-guard.rst @@ -9,7 +9,7 @@ CodeQL for C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `ChakraCore `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `ChakraCore `__ from GitHub. Checking for overflow in C ========================== diff --git a/docs/codeql/ql-training/cpp/control-flow-cpp.rst b/docs/codeql/ql-training/cpp/control-flow-cpp.rst index b18348509c2..d2bbc6a6af2 100644 --- a/docs/codeql/ql-training/cpp/control-flow-cpp.rst +++ b/docs/codeql/ql-training/cpp/control-flow-cpp.rst @@ -11,7 +11,7 @@ CodeQL for C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `ChakraCore `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `ChakraCore `__ from GitHub. .. rst-class:: agenda diff --git a/docs/codeql/ql-training/cpp/data-flow-cpp.rst b/docs/codeql/ql-training/cpp/data-flow-cpp.rst index da4f287b392..e46f72596be 100644 --- a/docs/codeql/ql-training/cpp/data-flow-cpp.rst +++ b/docs/codeql/ql-training/cpp/data-flow-cpp.rst @@ -9,7 +9,7 @@ Finding string formatting vulnerabilities in C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `dotnet/coreclr `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `dotnet/coreclr `__ from GitHub. .. rst-class:: agenda diff --git a/docs/codeql/ql-training/cpp/global-data-flow-cpp.rst b/docs/codeql/ql-training/cpp/global-data-flow-cpp.rst index a2391e40332..c0dc6923f67 100644 --- a/docs/codeql/ql-training/cpp/global-data-flow-cpp.rst +++ b/docs/codeql/ql-training/cpp/global-data-flow-cpp.rst @@ -9,7 +9,7 @@ CodeQL for C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `dotnet/coreclr `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `dotnet/coreclr `__ from GitHub. .. rst-class:: agenda diff --git a/docs/codeql/ql-training/cpp/intro-ql-cpp.rst b/docs/codeql/ql-training/cpp/intro-ql-cpp.rst index dff2c50ec0c..005f847b846 100644 --- a/docs/codeql/ql-training/cpp/intro-ql-cpp.rst +++ b/docs/codeql/ql-training/cpp/intro-ql-cpp.rst @@ -9,7 +9,7 @@ CodeQL for C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `exiv2 `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `exiv2 `__ from GitHub. .. Include language-agnostic section here diff --git a/docs/codeql/ql-training/cpp/snprintf.rst b/docs/codeql/ql-training/cpp/snprintf.rst index 58b2c31d2e4..d784d79f5f8 100644 --- a/docs/codeql/ql-training/cpp/snprintf.rst +++ b/docs/codeql/ql-training/cpp/snprintf.rst @@ -9,7 +9,7 @@ CodeQL for C/C++ Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `rsyslog `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `rsyslog `__ from GitHub. ``snprintf`` ============ diff --git a/docs/codeql/ql-training/java/apache-struts-java.rst b/docs/codeql/ql-training/java/apache-struts-java.rst index 24186bda48f..4e5c4493db1 100644 --- a/docs/codeql/ql-training/java/apache-struts-java.rst +++ b/docs/codeql/ql-training/java/apache-struts-java.rst @@ -13,7 +13,7 @@ Exercise: Apache Struts Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. Unsafe deserialization in Struts ================================ diff --git a/docs/codeql/ql-training/java/data-flow-java.rst b/docs/codeql/ql-training/java/data-flow-java.rst index f55b25ff5ab..4353b618acf 100644 --- a/docs/codeql/ql-training/java/data-flow-java.rst +++ b/docs/codeql/ql-training/java/data-flow-java.rst @@ -9,7 +9,7 @@ Finding SPARQL injection vulnerabilities in Java Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `VIVO Vitro `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `VIVO Vitro `__ from GitHub. .. rst-class:: agenda diff --git a/docs/codeql/ql-training/java/global-data-flow-java.rst b/docs/codeql/ql-training/java/global-data-flow-java.rst index ddee9645d17..67e71c03391 100644 --- a/docs/codeql/ql-training/java/global-data-flow-java.rst +++ b/docs/codeql/ql-training/java/global-data-flow-java.rst @@ -9,7 +9,7 @@ CodeQL for Java Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. .. rst-class:: agenda diff --git a/docs/codeql/ql-training/java/intro-ql-java.rst b/docs/codeql/ql-training/java/intro-ql-java.rst index fec966e2fe4..38e311060ec 100644 --- a/docs/codeql/ql-training/java/intro-ql-java.rst +++ b/docs/codeql/ql-training/java/intro-ql-java.rst @@ -9,7 +9,7 @@ CodeQL for Java Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `Apache Struts `__ from GitHub. .. Include language-agnostic section here diff --git a/docs/codeql/ql-training/java/query-injection-java.rst b/docs/codeql/ql-training/java/query-injection-java.rst index a16ac49b6a3..d1f8c17288a 100644 --- a/docs/codeql/ql-training/java/query-injection-java.rst +++ b/docs/codeql/ql-training/java/query-injection-java.rst @@ -9,7 +9,7 @@ CodeQL for Java Setup ===== -For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `VIVO Vitro `__ from GitHub. +For this example you need to set up `CodeQL for Visual Studio Code `__ and download the CodeQL database for `VIVO Vitro `__ from GitHub. SQL injection ============= diff --git a/docs/codeql/ql-training/template.rst b/docs/codeql/ql-training/template.rst index 503ac757fdb..7d525d9e3b2 100644 --- a/docs/codeql/ql-training/template.rst +++ b/docs/codeql/ql-training/template.rst @@ -36,7 +36,7 @@ Setup For this example you should download: -- `CodeQL for Visual Studio Code `__ +- `CodeQL for Visual Studio Code `__ - A CodeQL database .. note:: diff --git a/docs/codeql/reusables/deprecation-note.rst b/docs/codeql/reusables/deprecation-note.rst new file mode 100644 index 00000000000..1cff31f2385 --- /dev/null +++ b/docs/codeql/reusables/deprecation-note.rst @@ -0,0 +1,6 @@ +.. pull-quote:: + + Note + + This documentation has been migrated to docs.github.com/en/code-security/codeql-for-vs-code. This version is no longer maintained, and it will be removed on TODOCS. + \ No newline at end of file diff --git a/docs/codeql/writing-codeql-queries/creating-path-queries.rst b/docs/codeql/writing-codeql-queries/creating-path-queries.rst index 1e1b8d1f7a6..0ab162a59c2 100644 --- a/docs/codeql/writing-codeql-queries/creating-path-queries.rst +++ b/docs/codeql/writing-codeql-queries/creating-path-queries.rst @@ -20,7 +20,7 @@ This topic provides information on how to structure a path query file so you can Note - The alerts generated by path queries are included in the results generated using the `CodeQL CLI `__ and in `code scanning `__. You can also view the path explanations generated by your path query in the :ref:`CodeQL extension for VS Code `. + The alerts generated by path queries are included in the results generated using the `CodeQL CLI `__ and in `code scanning `__. You can also view the path explanations generated by your path query in the `CodeQL extension for VS Code `. To learn more about modeling data flow with CodeQL, see ":doc:`About data flow analysis `." @@ -171,7 +171,7 @@ Select clauses for path queries consist of four 'columns', with the following st select element, source, sink, string The ``element`` and ``string`` columns represent the location of the alert and the alert message respectively, as explained in ":doc:`About CodeQL queries `." The second and third columns, ``source`` and ``sink``, are nodes on the path graph selected by the query. -Each result generated by your query is displayed at a single location in the same way as an alert query. Additionally, each result also has an associated path, which can be viewed in the :ref:`CodeQL extension for VS Code `. +Each result generated by your query is displayed at a single location in the same way as an alert query. Additionally, each result also has an associated path, which can be viewed in the `CodeQL extension for VS Code `. The ``element`` that you select in the first column depends on the purpose of the query and the type of issue that it is designed to find. This is particularly important for security issues. For example, if you believe the ``source`` value to be globally invalid or malicious it may be best to display the alert at the ``source``. In contrast, you should consider displaying the alert at the ``sink`` if you believe it is the element that requires sanitization. diff --git a/docs/codeql/writing-codeql-queries/defining-the-results-of-a-query.rst b/docs/codeql/writing-codeql-queries/defining-the-results-of-a-query.rst index 4e074bc411d..94a949ce076 100644 --- a/docs/codeql/writing-codeql-queries/defining-the-results-of-a-query.rst +++ b/docs/codeql/writing-codeql-queries/defining-the-results-of-a-query.rst @@ -9,7 +9,7 @@ About query results ------------------- The information contained in the results of a query is controlled by the ``select`` statement. Part of the process of developing a useful query is to make the results clear and easy for other users to understand. -When you write your own queries in the CodeQL :ref:`extension for VS Code ` there are no constraints on what can be selected. +When you write your own queries in the CodeQL `extension for VS Code ` there are no constraints on what can be selected. However, if you want to use a query to create alerts for code scanning or generate valid analysis results using the `CodeQL CLI `__, you'll need to make the ``select`` statement report results in the required format. You must also ensure that the query has the appropriate metadata properties defined. This topic explains how to write your select statement to generate helpful analysis results. diff --git a/docs/codeql/writing-codeql-queries/introduction-to-ql.rst b/docs/codeql/writing-codeql-queries/introduction-to-ql.rst index 04dccfc98b6..fa4736ec706 100644 --- a/docs/codeql/writing-codeql-queries/introduction-to-ql.rst +++ b/docs/codeql/writing-codeql-queries/introduction-to-ql.rst @@ -19,7 +19,7 @@ QL also supports recursion and aggregates. This allows you to write complex recu Running a query --------------- -You can try out the following examples and exercises using :ref:`CodeQL for VS Code ` or the `CodeQL template `__ on GitHub Codespaces. +You can try out the following examples and exercises using `CodeQL for VS Code ` or the `CodeQL template `__ on GitHub Codespaces. Here is an example of a basic query: @@ -114,7 +114,7 @@ The following example queries *do* use these databases and give you an idea of h Queries using the CodeQL libraries can find errors and uncover variants of important security vulnerabilities in codebases. Visit `GitHub Security Lab `__ to read about examples of vulnerabilities that we have recently found in open source projects. -Before you can run the following examples, you will need to install the CodeQL extension for Visual Studio Code. For more information, see :ref:`Setting up CodeQL in Visual Studio Code `. You will also need to import and select a database in the corresponding programming language. For more information about obtaining CodeQL databases, see `Analyzing your projects `__ in the CodeQL for VS Code documentation. +Before you can run the following examples, you will need to install the CodeQL extension for Visual Studio Code. For more information, see :ref:`Setting up CodeQL in Visual Studio Code `. You will also need to import and select a database in the corresponding programming language. For more information about obtaining CodeQL databases, see `Managing CodeQL databases `__ in the CodeQL for VS Code documentation. To import the CodeQL library for a specific programming language, type ``import `` at the start of the query. diff --git a/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst b/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst index 16a0eba56c2..731a5195ae7 100644 --- a/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst +++ b/docs/codeql/writing-codeql-queries/metadata-for-codeql-queries.rst @@ -9,7 +9,7 @@ About query metadata -------------------- Any query that is run as part of an analysis includes a number of properties, known as query metadata. Metadata is included at the top of each query file as the content of a QLDoc comment. -This metadata tells the CodeQL :ref:`extension for VS Code ` and the `Code scanning feature in GitHub `__ how to handle the query and display its results correctly. +This metadata tells the CodeQL `extension for VS Code ` and the `Code scanning feature in GitHub `__ how to handle the query and display its results correctly. It also gives other users information about what the query results mean. For more information on query metadata, see the `query metadata style guide `__ in our `open source repository `__ on GitHub. .. pull-quote:: diff --git a/docs/ql-style-guide.md b/docs/ql-style-guide.md index 29a427fdfae..7018719bb13 100644 --- a/docs/ql-style-guide.md +++ b/docs/ql-style-guide.md @@ -3,7 +3,7 @@ ## Introduction This document describes how to format the code you contribute to this repository. It covers aspects such as layout, white-space, naming, and documentation. Adhering to consistent standards makes code easier to read and maintain. Of course, these are only guidelines, and can be overridden as the need arises on a case-by-case basis. Where existing code deviates from these guidelines, prefer consistency with the surrounding code. -Note, if you use [CodeQL for Visual Studio Code](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code/), you can autoformat your query in the editor. +Note, if you use [CodeQL for Visual Studio Code](https://docs.github.com/en/code-security/codeql-for-vs-code/), you can autoformat your query in the editor. Words in *italic* are defined in the [Glossary](#glossary). diff --git a/docs/supported-queries.md b/docs/supported-queries.md index 3529866d461..4335d819413 100644 --- a/docs/supported-queries.md +++ b/docs/supported-queries.md @@ -45,7 +45,7 @@ The process must begin with the first step and must conclude with the final step - Understand [the evaluation model of QL](https://codeql.github.com/docs/ql-language-reference/evaluation-of-ql-programs/). It's more similar to SQL than to any mainstream programming language. - Most performance tuning in QL boils down to computing as few tuples (rows of data) as possible. As a mental model, think of predicate evaluation as enumerating all combinations of parameters that satisfy the predicate body. This includes the implicit parameters `this` and `result`. - The major libraries in CodeQL are _cached_ and will only be computed once for the entire suite of queries. The first query that needs a cached _stage_ will trigger its evaluation. This means that query authors should usually only look at the run time of the last stage of evaluation. - - In [the settings for the VSCode extension](https://codeql.github.com/docs/codeql-for-visual-studio-code/customizing-settings/), check the box "Running Queries: Debug" (`codeQL.runningQueries.debug`). Then find "CodeQL Query Server" in the VSCode Output panel (View -> Output) and capture the output when running the query. That output contains timing and tuple counts for all computed predicates. + - In [the settings for the VSCode extension](https://docs.github.com/en/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/customizing-settings), check the box "Running Queries: Debug" (`codeQL.runningQueries.debug`). Then find "CodeQL Query Server" in the VSCode Output panel (View -> Output) and capture the output when running the query. That output contains timing and tuple counts for all computed predicates. - To clear the entire cache, invoke "CodeQL: Clear Cache" from the VSCode command palette. 6. **Make sure your query has the correct metadata** diff --git a/go/CONTRIBUTING.md b/go/CONTRIBUTING.md index 801d856e53e..38dffd1d754 100644 --- a/go/CONTRIBUTING.md +++ b/go/CONTRIBUTING.md @@ -33,7 +33,7 @@ Follow the steps below to help other users understand what your query does, and 2. **Format your code correctly** - All of the standard CodeQL queries and libraries are uniformly formatted for clarity and consistency, so we strongly recommend that all contributions follow the same formatting guidelines. If you use the CodeQL extension for Visual Studio Code, you can auto-format your query using the [Format Document command](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code/). For more information, see the [QL style guide](https://github.com/github/codeql/blob/main/docs/ql-style-guide.md). + All of the standard CodeQL queries and libraries are uniformly formatted for clarity and consistency, so we strongly recommend that all contributions follow the same formatting guidelines. If you use the CodeQL extension for Visual Studio Code, you can auto-format your query using the [Format Document command](https://docs.github.com/en/code-security/codeql-for-vs-code/). For more information, see the [QL style guide](https://github.com/github/codeql/blob/main/docs/ql-style-guide.md). 3. **Make sure your query has the correct metadata** diff --git a/go/ql/docs/experimental.md b/go/ql/docs/experimental.md index bef435d6674..ea5ed312fb5 100644 --- a/go/ql/docs/experimental.md +++ b/go/ql/docs/experimental.md @@ -21,7 +21,7 @@ Experimental queries and libraries may not be actively maintained as the standar 3. **Formatting** - - The queries and libraries must be [autoformatted](https://codeql.github.com/docs/codeql-for-visual-studio-code/about-codeql-for-visual-studio-code/). + - The queries and libraries must be [autoformatted](https://docs.github.com/en/code-security/codeql-for-vs-code/). 4. **Compilation** diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index ef271f0654d..a980559ca8e 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -277,7 +277,7 @@ No user-facing changes. ### Bug Fixes -* The [View AST functionality](https://codeql.github.com/docs/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code/) no longer prints detailed information about regular expressions, greatly improving performance. +* The [View AST functionality](https://docs.github.com/en/code-security/codeql-for-vs-code/) no longer prints detailed information about regular expressions, greatly improving performance. ## 0.0.8 diff --git a/python/ql/src/change-notes/released/0.0.9.md b/python/ql/src/change-notes/released/0.0.9.md index 1136727b684..d50d846f53e 100644 --- a/python/ql/src/change-notes/released/0.0.9.md +++ b/python/ql/src/change-notes/released/0.0.9.md @@ -2,4 +2,4 @@ ### Bug Fixes -* The [View AST functionality](https://codeql.github.com/docs/codeql-for-visual-studio-code/exploring-the-structure-of-your-source-code/) no longer prints detailed information about regular expressions, greatly improving performance. +* The [View AST functionality](https://docs.github.com/en/code-security/codeql-for-vs-code/using-the-advanced-functionality-of-the-codeql-for-vs-code-extension/exploring-the-structure-of-your-source-code) no longer prints detailed information about regular expressions, greatly improving performance.