Skip to content

Docs: Add GitHub Actions as a supported language #19190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
adityasharad merged 9 commits into from
Apr 2, 2025
Merged

Docs: Add GitHub Actions as a supported language #19190

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
09de7cf
Docs: Add GitHub Actions as a supported language
adityasharad Apr 2, 2025
f6442d2
Docs: Add Actions pages for CWE coverage
adityasharad Apr 2, 2025
a1ceaa0
Docs: Add initial library docs for Actions
adityasharad Apr 2, 2025
9db5cdf
Docs: Add query help page placeholders for Actions
adityasharad Apr 2, 2025
3b8c4d9
Docs: Remove spurious predicate reference
adityasharad Apr 2, 2025
4207322
Docs: Make Actions underlines the right length
adityasharad Apr 2, 2025
67dd301
Docs: Add language guide structure for Actions
adityasharad Apr 2, 2025
8f6dc1c
Docs: Fix more short underlines
adityasharad Apr 2, 2025
4d6afe7
Docs: Address comments on Actions docs
adityasharad Apr 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions docs/codeql/codeql-overview/codeql-tools.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ The standard CodeQL query and library packs
(`source <https://github.com/github/codeql/tree/codeql-cli/latest>`__)
maintained by GitHub are:

- ``codeql/actions-queries`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/src/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/src>`__)
- ``codeql/actions-all`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/lib/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/lib>`__)
- ``codeql/cpp-queries`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/src/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/src>`__)
- ``codeql/cpp-all`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/lib/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/lib>`__)
- ``codeql/csharp-queries`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/csharp/ql/src/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/csharp/ql/src>`__)
Expand Down
2 changes: 2 additions & 0 deletions docs/codeql/reusables/actions-further-reading.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
- `CodeQL queries for GitHub Actions <https://github.com/github/codeql/tree/main/actions/ql/src>`__
- `CodeQL library reference for GitHub Actions <https://codeql.github.com/codeql-standard-libraries/actions/>`__
2 changes: 2 additions & 0 deletions docs/codeql/reusables/extractors.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

* - Language
- Identifier
* - GitHub Actions
- ``actions``
* - C/C++
- ``cpp``
* - C#
Expand Down
17 changes: 17 additions & 0 deletions docs/codeql/reusables/supported-frameworks.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,23 @@ and the CodeQL library pack ``codeql/csharp-all`` (`changelog <https://github.co
NHibernate, Database ORM
WinForms, User interface

GitHub Actions built-in support
================================

Provided by the current versions of the
CodeQL query pack ``codeql/actions-queries`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/src/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/src>`__)
and the CodeQL library pack ``codeql/actions-all`` (`changelog <https://github.com/github/codeql/tree/codeql-cli/latest/cpp/ql/lib/CHANGELOG.md>`__, `source <https://github.com/github/codeql/tree/codeql-cli/latest/actions/ql/lib>`__).

.. csv-table::
:header-rows: 1
:class: fullWidthTable
:widths: auto
:align: left

Name, Category
`GitHub Actions workflow YAML files <https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions>`, Workflows
`GitHub Actions action metadata YAML files <https://docs.github.com/en/actions/sharing-automations/creating-actions/metadata-syntax-for-github-actions>`, Actions

Go built-in support
================================

Expand Down
2 changes: 2 additions & 0 deletions docs/codeql/reusables/supported-versions-compilers.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
.NET Core up to 3.1

.NET 5, .NET 6, .NET 7, .NET 8, .NET 9","``.sln``, ``.csproj``, ``.cs``, ``.cshtml``, ``.xaml``"
GitHub Actions [12]_,"Not applicable",Not applicable,"``.github/workflows/*.yml``, ``.github/workflows/*.yaml``, ``action.yml``, ``action.yaml``"
Comment thread
adityasharad marked this conversation as resolved.
Outdated
Go (aka Golang), "Go up to 1.24", "Go 1.11 or more recent", ``.go``
Java,"Java 7 to 24 [5]_","javac (OpenJDK and Oracle JDK),

Expand All @@ -40,3 +41,4 @@
.. [9] Requires glibc 2.17.
.. [10] Support for the analysis of Swift requires macOS.
.. [11] TypeScript analysis is performed by running the JavaScript extractor with TypeScript enabled. This is the default.
.. [12] Support for GitHub Actions is in public preview.
Copy link
Copy Markdown
Contributor

@marcogario marcogario Apr 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: This will need updating for GA, but I agree to merge this initial version of the docs ASAP and iterate.

Copy link
Copy Markdown
Collaborator Author

@adityasharad adityasharad Apr 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup - will drop this footnote for GA.

1 change: 1 addition & 0 deletions docs/codeql/writing-codeql-queries/about-codeql-queries.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ When writing your own alert queries, you would typically import the standard lib
- :ref:`CodeQL library guide for C and C++ <codeql-library-for-cpp>`
- :ref:`CodeQL library guide for C# <codeql-library-for-csharp>`
- :ref:`CodeQL library guide for Go <codeql-library-for-go>`
- :ref:`CodeQL library guide for GitHub Actions <codeql-library-for-actions>`
- :ref:`CodeQL library guide for Java and Kotlin <codeql-library-for-java>`
- :ref:`CodeQL library guide for JavaScript <codeql-library-for-javascript>`
- :ref:`CodeQL library guide for Python <codeql-library-for-python>`
Expand Down
7 changes: 5 additions & 2 deletions docs/query-help-style-guide.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,12 @@ When you contribute a new [supported query](supported-queries.md) to this reposi
* [C/C++ queries](https://codeql.github.com/codeql-query-help/cpp/)
* [C# queries](https://codeql.github.com/codeql-query-help/csharp/)
* [Go queries](https://codeql.github.com/codeql-query-help/go/)
* [Java queries](https://codeql.github.com/codeql-query-help/java/)
* [JavaScript queries](https://codeql.github.com/codeql-query-help/javascript/)
* [GitHub Actions queries](https://codeql.github.com/codeql-query-help/actions/)
* [Java/Kotlin queries](https://codeql.github.com/codeql-query-help/java/)
* [JavaScript/TypeScript queries](https://codeql.github.com/codeql-query-help/javascript/)
* [Python queries](https://codeql.github.com/codeql-query-help/python/)
* [Ruby queries](https://codeql.github.com/codeql-query-help/ruby/)
* [Swift queries](https://codeql.github.com/codeql-query-help/swift/)

### Location and file name

Expand Down
5 changes: 4 additions & 1 deletion docs/query-metadata-style-guide.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,13 @@ For examples of query files for the languages supported by CodeQL, visit the fol

* [C/C++ queries](https://codeql.github.com/codeql-query-help/cpp/)
* [C# queries](https://codeql.github.com/codeql-query-help/csharp/)
* [GitHub Actions queries](https://codeql.github.com/codeql-query-help/actions/)
* [Go queries](https://codeql.github.com/codeql-query-help/go/)
* [Java queries](https://codeql.github.com/codeql-query-help/java/)
* [Java/Kotlin queries](https://codeql.github.com/codeql-query-help/java/)
* [JavaScript queries](https://codeql.github.com/codeql-query-help/javascript/)
* [Python queries](https://codeql.github.com/codeql-query-help/python/)
* [Ruby queries](https://codeql.github.com/codeql-query-help/ruby/)
* [Swift queries](https://codeql.github.com/codeql-query-help/swift/)

## Metadata area

Expand Down