Repo sync

content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md

@@ -0,0 +1,46 @@
+---
+title: Creating CodeQL CLI database bundles
+intro: 'You can create a database bundle with {% data variables.product.prodname_codeql %} troubleshooting information.'
+allowTitleToDifferFromFilename: true
+product: '{% data reusables.gated-features.codeql %}'
+versions:
+  fpt: '*'
+  ghes: '*'
+  ghec: '*'
+topics:
+  - Advanced Security
+  - Code scanning
+  - CodeQL
+---
+
+> [!WARNING]
+> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
+
+## About creating {% data variables.product.prodname_codeql_cli %} database bundles
+
+{% data reusables.code-scanning.codeql-cli-version-ghes %}
+
+The {% data variables.product.prodname_codeql_cli %} database bundle command can be used to create a relocatable archive of a {% data variables.product.prodname_codeql %} database.
+
+A copy of a database bundle can be used to share troubleshooting information with your team members or with {% data variables.contact.github_support %}.
+
+The following {% data variables.product.prodname_codeql_cli %} command syntax is suggested when creating a database bundle for troubleshooting purposes:
+
+> [!NOTE]
+> This sample `database bundle` command requires {% data variables.product.prodname_codeql_cli %} version {% data variables.product.codeql_cli_version_min_version_create_bundle %} or higher.
+
+```shell
+codeql database bundle --output=codeql-debug-artifacts.zip --include-diagnostics --include-logs --include-results -- <dir>
+```
+
+For this command, `<dir>` must be the path to the directory where the {% data variables.product.prodname_codeql %} database was created.
+
+The successful command execution creates a zip file called `codeql-debug-artifacts.zip` which contains {% data variables.product.prodname_codeql %} troubleshooting information. That file is the database bundle.
+
+This command assumes that the `--log-dir` command line argument was not used for the `database create` and `database analyze` commands. When that command line argument is used, the log files created by those commands will not be included with the database bundle.
+
+## Increasing the verbosity for `database create` and `database analyze`
+
+If the `database create` and `database analyze` commands are not detailed enough for troubleshooting purposes, you can increase their verbosity.
+
+Both commands support the `--verbosity` command line argument which can be set to `progress++` prior to creating a database bundle.

content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/index.md

@@ -26,6 +26,7 @@ children:
   - /csv-output
   - /extractor-options
   - /exit-codes
+  - /creating-database-bundle-for-troubleshooting
 redirect_from:
   - /code-security/codeql-cli/codeql-cli-reference
 ---

data/reusables/code-scanning/codeql-query-tables/java.md

@@ -84,6 +84,7 @@
 | [Exposure of sensitive information to notifications](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-notification/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Exposure of sensitive information to UI text views](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-text/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Hard-coded credential in API call](https://codeql.github.com/codeql-query-help/java/java-hardcoded-credential-api-call/) | 798 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [HTTP request type unprotected from CSRF](https://codeql.github.com/codeql-query-help/java/java-csrf-unprotected-request-type/) | 352 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Improper validation of user-provided array index](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-index/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Improper validation of user-provided size used for array construction](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-construction/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Insecure basic authentication](https://codeql.github.com/codeql-query-help/java/java-insecure-basic-auth/) | 522, 319 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |

data/variables/product.yml

@@ -95,7 +95,7 @@ prodname_codeql_cli: 'CodeQL CLI'
 # Update this whenever a new enterprise version of CodeQL is being prepared.
 codeql_cli_ghes_recommended_version: >-
   {% ifversion ghes < 3.12 %}2.14.6{% elsif ghes < 3.17 %}2.20.3{% endif %}
-
+codeql_cli_version_min_version_create_bundle: '2.17.6'
 # Projects v2
 prodname_projects_v2: 'Projects'
 prodname_projects_v1: >-