Downloading CodeQL query packs
- In VS Code, open the VS Code Command Palette and run CodeQL: Download Packs.
- You can download all the core query packs, or enter the full name of a specific pack to download. You can download query packs created by other users.
Installing dependencies for CodeQL query packs
- In VS Code, open the VS Code Command Palette and run CodeQL: Install Pack Dependencies.
- Select the packs that you want to install dependencies for.
Viewing a CodeQL query pack and its dependencies
-
In VS Code, open the
qlpack.ymlfile in the root of any CodeQL pack directory. -
In the
dependenciessection of theqlpack.ymlfile, you'll see what libraries the pack depends on. -
Optionally, you can use VS Code's IntelliSense features. For example, if you hover over an element from a library depended on by the pack, Visual Studio Code will resolve it so you can see documentation about the element.
-
To view the full definition of an element of a query, you can right-click and select Go to Definition.
- If the library pack is present within the same Visual Studio Code workspace, this will take you to the definition within the workspace.
- Otherwise, you will see the definition stored in your package cache, where downloaded dependencies are saved. The package cache is a shared location that is stored in your home directory by default.
Next steps
注意
CodeQL 模型包目前包含在 beta 版本 中,可能会更改。 C/C++、C#、Java/Kotlin、Python、和 Ruby 分析支持模型包。
Visual Studio Code 的 CodeQL 扩展中的 CodeQL 支持对 C#、Java/Kotlin、Python 和 Ruby 的依赖项建模。
CodeQL model packs can be used to expand code scanning analysis to include dependencies that are not supported by default. The CodeQL extension for Visual Studio Code includes a dedicated editor for creating and editing model packs. See Using the CodeQL model editor.