|
1 | | -# Go analysis support for CodeQL |
| 1 | +# Relocation notice: `github/codeql-go` moved into `github/codeql` |
2 | 2 |
|
3 | | -This open-source repository contains the extractor, CodeQL libraries, and queries that power Go |
4 | | -support in [LGTM](https://lgtm.com) and the other CodeQL products that [GitHub](https://github.com) |
5 | | -makes available to its customers worldwide. |
| 3 | +- Old location: The `github/codeql-go` repository |
| 4 | +- New location: The `github/codeql` repository, specifically https://github.com/github/codeql/tree/main/go. |
| 5 | +- Detailed announcement: https://github.com/github/codeql-go/issues/741 |
6 | 6 |
|
7 | | -It contains two major components: |
8 | | - - an extractor, itself written in Go, that parses Go source code and converts it into a database |
9 | | - that can be queried using CodeQL. |
10 | | - - static analysis libraries and queries written in [CodeQL](https://codeql.github.com/docs/) that can be |
11 | | - used to analyze such a database to find coding mistakes or security vulnerabilities. |
| 7 | +This repository previously contained the open-source CodeQL queries, libraries, and extractor for analyzing codebases written in the Go programming language with GitHub's CodeQL code analysis tools. These contents have been moved to the `github/codeql` repository, to live alongside similar libraries for all other programming languages supported by CodeQL. |
12 | 8 |
|
13 | | -The goal of this project is to provide comprehensive static analysis support for Go in CodeQL. |
| 9 | +CodeQL support of the Go programming language remains the same, except that the code and the development will continue in `github/codeql`. |
14 | 10 |
|
15 | | -For the queries and libraries that power CodeQL support for other languages, visit [the CodeQL |
16 | | -repository](https://github.com/github/codeql). |
17 | | - |
18 | | -## Installation |
19 | | - |
20 | | -Clone this repository. |
21 | | - |
22 | | -Run `scripts/install-deps.sh`. This will ensure that the necessary external CodeQL packs are |
23 | | -downloaded to your machine. You will need to re-run this script whenever you pull new commits from |
24 | | -the repo. |
25 | | - |
26 | | -If you want to use the CodeQL extension for Visual Studio Code, import this repository into your VS |
27 | | -Code workspace. |
28 | | - |
29 | | -## Usage |
30 | | - |
31 | | -To analyze a Go codebase, either use the [CodeQL command-line |
32 | | -interface](https://codeql.github.com/docs/codeql-cli/) to create a database yourself, or |
33 | | -download a pre-built database from [LGTM.com](https://lgtm.com/). You can then run any of the |
34 | | -queries contained in this repository either on the command line or using the VS Code extension. |
35 | | - |
36 | | -Note that the [lgtm.com](https://github.com/github/codeql-go/tree/lgtm.com) branch of this |
37 | | -repository corresponds to the version of the queries that is currently deployed on LGTM.com. |
38 | | -The [main](https://github.com/github/codeql-go/tree/main) branch may contain changes that |
39 | | -have not been deployed yet, so you may need to upgrade databases downloaded from LGTM.com before |
40 | | -running queries on them. |
41 | | - |
42 | | -## Contributions |
43 | | - |
44 | | -Contributions are welcome! Please see our [contribution guidelines](CONTRIBUTING.md) and our |
45 | | -[code of conduct](CODE_OF_CONDUCT.md) for details on how to participate in our community. |
| 11 | +Please visit https://github.com/github/codeql-go/issues/741 for more details about this relocation and how to update your CodeQL and code scanning workflows. |
46 | 12 |
|
47 | 13 | ## Licensing |
48 | 14 |
|
49 | 15 | The code in this repository is licensed under the [MIT license](LICENSE). |
50 | | - |
51 | | -## Resources |
52 | | - |
53 | | -- [Writing CodeQL queries](https://codeql.github.com/docs/writing-codeql-queries/codeql-queries/) |
54 | | -- [Learning CodeQL](https://codeql.github.com/docs/writing-codeql-queries/ql-tutorials/) |
0 commit comments