# CodeQL

ToB Documentation

## Setup

Create a CodeQL database for the target language:

```bash
# C/C++ (--command is the project's build command; './fbt' is the one used here)
codeql database create codeql.db --language=cpp --command='./fbt'

# Go
codeql database create codeql.db --language=go

# Java
codeql database create codeql.db --language=java
# For Maven projects
codeql database create codeql.db --language=java --command='mvn clean compile'
# For Gradle projects
codeql database create codeql.db --language=java --command='./gradlew compileJava'

# JavaScript
codeql database create codeql.db --language=javascript

# Python
codeql database create codeql.db --language=python

# Swift
codeql database create codeql.db --language=swift

# Ruby
codeql database create codeql.db --language=ruby

# C#
codeql database create codeql.db --language=csharp
```

Download query packages:

```bash
# Download Trail of Bits query packs
codeql pack download trailofbits/cpp-queries trailofbits/go-queries trailofbits/java-queries

# Download default GitHub query packs
codeql pack download codeql/cpp-queries codeql/java-queries codeql/javascript-queries codeql/python-queries codeql/csharp-queries
```

## Running Analysis

Run security queries against the database:

```bash
# Run default security queries
codeql database analyze codeql.db --format=csv --output=results.csv

# Run a specific query suite
codeql database analyze codeql.db codeql/java-queries:codeql-suites/java-security-extended.qls --format=sarif-latest --output=results.sarif

# Run custom queries
codeql database analyze codeql.db /path/to/custom-queries --format=csv --output=custom-results.csv
```
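To triage the `results.csv` produced above, here is an added example (not from this page or the Trail of Bits docs) that parses the CSV, counts findings by severity and by query, and fails a CI gate on any error-severity finding. It assumes the headerless 9-column layout that `codeql database analyze --format=csv` writes; the sample rows are constructed.

```python
import csv
import io
from collections import Counter

# Constructed sample rows in the headerless 9-column layout written by
# `codeql database analyze --format=csv`:
# name, description, severity, message, path, start line, start col, end line, end col
SAMPLE_RESULTS_CSV = """\
"Uncontrolled data used in path expression","Path traversal via user input.","error","This path depends on a user-provided value.","/src/main/java/app/FileServlet.java","42","18","42","40"
"Use of a broken or risky cryptographic algorithm","Weak hash algorithm.","warning","Cryptographic algorithm MD5 is weak and should not be used.","/src/main/java/app/Hasher.java","17","9","17","33"
"Log injection","Forged log entries from user input.","error","This log entry depends on a user-provided value.","/src/main/java/app/LoginController.java","88","5","88","60"
"Unused variable","Possible bug symptom.","recommendation","Variable 'tmp' is not used.","/src/main/java/app/Util.java","12","13","12","16"
"""

FIELDS = ["name", "description", "severity", "message",
          "path", "start_line", "start_col", "end_line", "end_col"]
def parse_codeql_csv(text):
    """Turn CodeQL CSV rows into dicts; the file carries no header row."""
    rows = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != len(FIELDS):
            continue  # skip blank or malformed lines rather than crash the gate
        rec = dict(zip(FIELDS, row))
        rec["start_line"] = int(rec["start_line"])
        rows.append(rec)
    return rows

def summarize(findings):
    """Count findings per severity and per query name for a quick triage view."""
    return {"by_severity": Counter(f["severity"] for f in findings),
            "by_query": Counter(f["name"] for f in findings)}

def blocking_findings(findings, block_on=("error",)):
    """Findings at severities that should fail a CI gate, in stable path/line order."""
    hits = [f for f in findings if f["severity"] in block_on]
    return sorted(hits, key=lambda f: (f["path"], f["start_line"]))

def gate(text, block_on=("error",)):
    """Return (passed, summary, blocking) for the body of a results.csv file."""
    findings = parse_codeql_csv(text)
    blocking = blocking_findings(findings, block_on)
    return (len(blocking) == 0, summarize(findings), blocking)

if __name__ == "__main__":
    ok, summary, blocking = gate(SAMPLE_RESULTS_CSV)
    print("severity counts:", dict(summary["by_severity"]))
    for f in blocking:
        print(f"BLOCK {f['path']}:{f['start_line']} {f['name']}: {f['message']}")
    raise SystemExit(0 if ok else 1)
```

Point `gate()` at the contents of a real `results.csv` and use its exit status in CI; widen `block_on` to `("error", "warning")` for stricter branches.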