Skip to content

github/codeql

BranchesTags

Repository files navigation

Ruby analysis support for CodeQL

Under development.

Building the tools from source

Install Rust, then run:

cargo build --release

Generating the database schema and QL library

The generated ql/src/ruby.dbscheme and ql/src/codeql_ruby/ast/internal/TreeSitter.qll files are included in the repository, but they can be re-generated as follows:

# Run the generator
cargo run --release -p ruby-generator
# Then auto-format the QL library
codeql query format -i ql/src/codeql_ruby/ast/internal/TreeSitter.qll

Building a CodeQL database for a Ruby program

First, get an extractor pack. There are two options:

  1. Either download the latest codeql-ruby-pack from Actions and unzip it twice, or
  2. Run ./create-extractor-pack.sh (Linux/Mac) or .\create-extractor-pack.ps1 (Windows PowerShell) and the pack will be created in the extractor-pack directory.

Then run

codeql database create <database-path> -l ruby -s <project-source-path> --search-path <extractor-pack-path>

About

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

codeql.github.com

Topics

semmle-ql codeql github-advanced-security github-security-lab works-with-codespaces

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

8.6k stars

Watchers

246 watching

Forks

1.7k forks
Report repository

Releases

147 tags

Contributors 320

+ 306 contributors

Languages