An extension for Visual Studio Code that adds rich language support for CodeQL

codeql vscode vscode-extension works-with-codespaces

Перейти к файлу

Andrew Eisenberg 292e695646 Add telemetry for commands This commit adds telemetry capturing for command execution. The data captured explicitly captured and sent to application insights is only the command id, execution time, and command completion status. We also capture errors thrown by any command execution, but these are not sent to application insights. Telemetry capturing is opt-in. No data will be sent to application insights unless the user explicitly allows it. There are two new config settings added. The first controls whether or not telemetry should be sent. This setting AND the global telemetry setting must be enabled in order for telemetry to be sent. The second setting controls whether or not telemetry event data should be logged to the extension console. The hope here is that users can inspect exactly what data is sent to the server and can have confidence that nothing concerning is being leaked. Note that the global setting for disabling telemetry collection is handled inside the `vscode-extension-telemetry` package implicitly, so this extension doesn't touch that setting explicitly. The `codeql.canary` setting is being used to add an additional flag to telemetry events. This flag will help us determine if a user in internal or not. The application insights key is injected at build time through a repository secret. This commit also includes a new `TELEMETRY.md` file that explains what is being captured, and why.		2021-01-29 15:21:12 -08:00
.github	Add telemetry for commands	2021-01-29 15:21:12 -08:00
.vscode	Clarify how to run CLI tests locally	2021-01-20 13:05:53 -08:00
extensions/ql-vscode	Add telemetry for commands	2021-01-29 15:21:12 -08:00
syntaxes	Update syntaxes/README.md	2020-03-04 18:28:20 +00:00
.editorconfig	Update contributing documentation and launch config	2020-03-07 16:36:09 -08:00
.gitattributes	Use union merge strategy for CHANGELOG.md	2020-06-15 15:31:19 -04:00
.gitignore	Add integration tests with the CLI	2020-12-04 10:08:15 -08:00
CODE_OF_CONDUCT.md	CodeQL for VS Code: Initial commit.	2019-11-13 12:23:53 -08:00
CONTRIBUTING.md	Update internal docs for publishing	2021-01-11 13:38:21 -08:00
LICENSE.md	CodeQL for VS Code: Initial commit.	2019-11-13 12:23:53 -08:00
README.md	Small editorials tweaks	2020-06-24 11:33:48 +01:00
tsconfig.json	Add a top-level tsconfig.json	2020-08-24 10:58:17 -07:00
tsfmt.json	Add format and lint on commit	2020-05-12 10:15:48 -07:00

README.md

CodeQL for Visual Studio Code

This project is an extension for Visual Studio Code that adds rich language support for CodeQL. It's used to find problems in code bases using CodeQL. It's written primarily in TypeScript.

The extension is released. You can download it from the Visual Studio Marketplace.

To see what has changed in the last few versions of the extension, see the Changelog.

Features

Enables you to use CodeQL to query databases and discover problems in codebases.
Shows the flow of data through the results of path queries, which is essential for triaging security results.
Provides an easy way to run queries from the large, open source repository of CodeQL security queries.
Adds IntelliSense to support you writing and editing your own CodeQL query and library files.

Project goals and scope

This project will track new feature development in CodeQL and, whenever appropriate, bring that functionality to the Visual Studio Code experience.

Contributing

This project welcomes contributions. See CONTRIBUTING.md for details on how to build, install, and contribute.

License

The CodeQL extension for Visual Studio Code is licensed under the MIT License. The version of CodeQL used by the CodeQL extension is subject to the CodeQL Research Terms & Conditions.

When using the GitHub logos, be sure to follow the GitHub logo guidelines.