README.md: 23 additions & 3 deletions
@@ -6,7 +6,21 @@ This repo contains tools and example queries to use [CodeQL](https://securitylab
6
6
- an [extractor](https://help.semmle.com/codeql/glossary.html#extractor) to generate a [CodeQL database](https://help.semmle.com/codeql/about-codeql.html#about-codeql-databases) from a Ruby codebase
7
7
- a [CodeQL library](https://help.semmle.com/QL/ql-handbook/modules.html#library-modules) for the Ruby language to allow easy querying
8
8
9
-
It is currently in **proof-of-concept** stage. Not only should you not use this in production, it's currently unusable for research. This will be updated as we get this thing off the ground, but for now it is only online as a demonstration and to allow anyone who would like to to try it out, fork it, or contribute their own code.
9
+
## Proof of Concept
10
+
11
+
This tool is currently in **proof-of-concept** stage. Not only should you not use this in production, it's currently unusable for research. This will be updated as we get this thing off the ground, but for now it is only online as a demonstration and to allow anyone who would like to to try it out, fork it, or contribute their own code.
12
+
13
+
Progress will be tracked on [agius/codeql_ruby](https://github.com/agius/codeql_ruby), and you can follow it via:
14
+
15
+
-[Pull requests](https://github.com/agius/codeql_ruby/pulls) for all code changes
16
+
17
+
-[Github Projects on this repo](https://github.com/agius/codeql_ruby/projects) - currently on [Phase 2: Usefulness](https://github.com/agius/codeql_ruby/projects/1)
18
+
19
+
If you have specific thoughts, suggestions, proposals, use cases, etc, please feel free to contact the maintainers:
20
+
21
+
-[open an issue](https://github.com/agius/codeql_ruby/issues/new) on [agius/codeql_ruby](https://github.com/agius/codeql_ruby)
22
+
-[tweet at @agius](http://twitter.com/agius)
23
+
- join us in the `#codeql-hacking` channel in the Github Security Lab Slack team - request an invite on [the Github Security Lab page](https://securitylab.github.com/get-involved)
10
24
11
25
## Dependencies
12
26
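Review bot: The added contact list links to Twitter over plain HTTP (`http://twitter.com/agius`) while every other added link uses HTTPS; change it to `https://`. Three smaller points in the same added lines: the sentence moved under "Proof of Concept" still reads "would like to to try it out" (doubled "to"), "Github" should be spelled "GitHub", and stating "currently on Phase 2: Usefulness" in the README will go stale as the project board moves, so consider linking to the projects page without naming the phase.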
@@ -75,9 +89,15 @@ With that, you should be good to go! Check out "Usage" and "Development" below.
75
89
76
90
## Usage
77
91
78
-
Currently the extractor only extracts one file: `spec/base_unsafe_script/unsafe_command.rb`
92
+
Currently the extractor extracts all Ruby files nested in the directory from which the extractor is run. Essentially all files found by:
93
+
94
+
```shell
95
+
$ find . -name '*.rb'
96
+
```
97
+
98
+
Expanding extraction to dependencies and related files is a work-in-progress.
79
99
80
-
You can create a database for this file by using the codeql create database functionality:
100
+
You can create a database for the directory by using the codeql create database functionality:
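Review bot: In the new Usage paragraph, `find . -name '*.rb'` describes a set that is both narrower and wider than readers may assume. By that description, Ruby sources without the `.rb` extension (Gemfile, Rakefile, `.gemspec` and `.rake` files) are skipped, while any gems vendored under the current directory are included, which sits awkwardly next to "Expanding extraction to dependencies and related files is a work-in-progress." State both explicitly so that an empty query result is not read as full coverage of the codebase. The last changed line would also be clearer if it named the CLI command in backticks, `codeql database create`, rather than "the codeql create database functionality".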