CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Перейти к файлу
dependabot[bot] 26f8e64a35
Bump golang.org/x/tools
Bumps the extractor-dependencies group in /go/extractor with 1 update: [golang.org/x/tools](https://github.com/golang/tools).


Updates `golang.org/x/tools` from 0.25.0 to 0.26.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](https://github.com/golang/tools/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: extractor-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 09:26:56 +00:00
.devcontainer Swift: add `git lfs` installation to codespace configuration 2024-07-04 14:28:22 +02:00
.github Go: Run CI when shared libraries change 2024-09-19 11:32:46 +01:00
.vscode Misc: Add script to accept `.expected` changes from CI 2023-04-30 14:59:50 +02:00
change-notes spelling: triggered 2022-10-20 08:21:02 -04:00
config Merge pull request #17509 from michaelnebel/modelgen/parammodule 2024-09-26 10:57:16 +02:00
cpp C++: Update expected test output 2024-10-04 08:35:31 +02:00
csharp Clarify threat model flow sources comment in LogForgingQuery.qll 2024-10-01 23:04:22 -04:00
docs Merge branch 'main' into threat-models 2024-09-26 11:44:24 +02:00
go Bump golang.org/x/tools 2024-10-07 09:26:56 +00:00
java Merge pull request #17668 from igfoo/igfoo/typo 2024-10-06 13:22:08 +01:00
javascript JS: Update expected test output 2024-10-04 08:35:33 +02:00
misc Post-release preparation for codeql-cli-2.19.1 2024-09-30 19:49:00 +00:00
python Python: adjust test expectations 2024-10-04 15:30:02 +02:00
ql Exclude consistency output from `.gitignore` files 2024-09-26 11:09:54 +02:00
ruby Ruby: Fix expected test output 2024-10-07 09:16:12 +02:00
rust Rust: Fix `CompoundAssignmentExpr` charpred 2024-10-04 14:48:07 +02:00
shared Shared: Only use heuristic summary flow in case there is no content based flow. 2024-10-02 15:24:01 +02:00
swift Swift: Update expected test output 2024-10-07 09:45:08 +02:00
.bazelrc `crate_universe`: Enable modext isolation. 2024-08-18 21:00:30 +02:00
.bazelrc.internal `crate_universe`: Enable modext isolation. 2024-08-18 21:00:30 +02:00
.bazelversion Bazel: switch to a 7.4.0 prerelease. 2024-08-27 12:27:53 +02:00
.clang-format Swift: update formatting to `clang-format` 17.0.6 2024-01-25 13:58:14 +01:00
.editorconfig Normalize all text files to LF 2018-09-23 16:24:31 -07:00
.git-blame-ignore-revs Ignore auto-format commits in git blame. 2023-03-10 15:08:49 +01:00
.gitattributes Ripunzip: provide installer 2024-06-05 14:46:59 +02:00
.gitignore Bazel: remove non-working fake `tree-sitter-extractor` workaround 2024-09-11 08:17:11 +02:00
.lfsconfig Explain `.lfsconfig` choice in the comment 2024-06-04 14:27:08 +02:00
.lgtm.yml codeql-go merge prep: integrate go/ into codeql 2022-05-20 10:22:47 -07:00
.pre-commit-config.yaml Pre-commit: bump up `autopep8` check version and fix formatting 2024-09-16 14:03:48 +02:00
BUILD.bazel C#: Add Bazel-based build system. 2024-05-21 09:14:13 +02:00
CODEOWNERS Update CODEOWNERS 2024-05-15 10:18:31 +02:00
CODE_OF_CONDUCT.md Update code of conduct in line with GH 2020-04-23 10:19:13 +01:00
CONTRIBUTING.md Deprecate the CodeQL for VS Code docs in favour of docs.github.com version 2024-04-25 07:59:33 +00:00
Cargo.lock Rust: generate schema.py and extractor from ungrammar 2024-09-19 13:00:05 +02:00
Cargo.toml Rust: add generate-schema project 2024-09-19 10:51:44 +02:00
LICENSE Relicense under MIT 2020-04-07 12:03:26 +01:00
MODULE.bazel Kotlin: Add 2.1.0-Beta1 2024-09-25 15:23:34 +01:00
README.md Update README.md 2024-05-07 13:09:08 +01:00
WORKSPACE.bazel Bazel: fix typo 2024-02-22 11:58:02 +01:00
codeql-workspace.yml Unified handling of in-tree extractor packs. 2024-06-03 16:05:46 +02:00
conftest.py Swift: add unit tests to code generation 2022-04-27 08:24:11 +02:00
defs.bzl Bazel: code reorganization 2022-04-12 12:40:59 +02:00

README.md

CodeQL

This open source repository contains the standard CodeQL libraries and queries that power GitHub Advanced Security and the other application security products that GitHub makes available to its customers worldwide.

How do I learn CodeQL and run queries?

There is extensive documentation about the CodeQL language, writing CodeQL using the CodeQL extension for Visual Studio Code and using the CodeQL CLI.

Contributing

We welcome contributions to our standard library and standard checks. Do you have an idea for a new check, or how to improve an existing query? Then please go ahead and open a pull request! Before you do, though, please take the time to read our contributing guidelines. You can also consult our style guides to learn how to format your code for consistency and clarity, how to write query metadata, and how to write query help documentation for your query.

For information on contributing to CodeQL documentation, see the "contributing guide" for docs.

License

The code in this repository is licensed under the MIT License by GitHub.

The CodeQL CLI (including the CodeQL engine) is hosted in a different repository and is licensed separately. If you'd like to use the CodeQL CLI to analyze closed-source code, you will need a separate commercial license; please contact us for further help.

Visual Studio Code integration

If you use Visual Studio Code to work in this repository, there are a few integration features to make development easier.

CodeQL for Visual Studio Code

You can install the CodeQL for Visual Studio Code extension to get syntax highlighting, IntelliSense, and code navigation for the QL language, as well as unit test support for testing CodeQL libraries and queries.

Tasks

The .vscode/tasks.json file defines custom tasks specific to working in this repository. To invoke one of these tasks, select the Terminal | Run Task... menu option, and then select the desired task from the dropdown. You can also invoke the Tasks: Run Task command from the command palette.