Repo sync #39705

Merged
merged 3 commits into from
Aug 7, 2025
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,6 @@ children:
- /javascript-typescript-built-in-queries
- /python-built-in-queries
- /ruby-built-in-queries
- /rust-built-in-queries
- /swift-built-in-queries
---
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
title: Rust queries for CodeQL analysis
shortTitle: Rust CodeQL queries
intro: 'Explore the queries that {% data variables.product.prodname_codeql %} uses to analyze code written in Rust when you select the `default` or the `security-extended` query suite.'
product: '{% data reusables.gated-features.codeql %}'
allowTitleToDifferFromFilename: true
versions:
fpt: '*'
ghes: '*'
ghec: '*'
type: reference
topics:
- Code scanning
- CodeQL
---

{% data variables.product.prodname_codeql %} includes many queries for analyzing Rust code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %}

## Built-in queries for Rust analysis

{% data reusables.code-scanning.codeql-query-tables.codeql-version-info %}

{% data reusables.code-scanning.codeql-query-tables.rust %}
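Review bot: the include `{% data reusables.code-scanning.codeql-query-tables.rust %}` only resolves because this same PR adds data/reusables/code-scanning/codeql-query-tables/rust.md; if the commits are ever split or cherry-picked, this page and that reusable must travel together, and the new `/rust-built-in-queries` entry in the index `children` list must match this file's slug. The frontmatter otherwise follows the sibling language pages (`type: reference`, `allowTitleToDifferFromFilename: true`).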
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ all queries. It loads query help for /path/to/query.ql from the
/path/to/query.md file. If this flag is not supplied the default
behavior is to include help only for custom queries i.e. those in query
packs which are not of the form \`codeql/\<lang\&rt;-queries\`. This
option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
option has no effect when passed to codeql bqrs interpret.

#### `--sarif-include-query-help=<mode>`

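Review bot: the `+` line replaces the link with bare text `codeql bqrs interpret` in running prose, while every other command name on these pages is formatted as code; wrap it in backticks so the de-linked self-reference still reads as a command. Separately, the unchanged context line `packs which are not of the form \`codeql/\<lang\&rt;-queries\`` carries `&rt;`, which is not an HTML entity (`&gt;` is) and renders literally; if this text is produced from the CLI's help output, the fix belongs in the generator rather than in a hand edit here.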
Expand All @@ -117,7 +117,7 @@ queries i.e. those in query packs which are not of the form

`never`: Do not include query help for any queries.

This option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
This option has no effect when passed to codeql bqrs interpret.

Available since `v2.15.2`.

Expand All @@ -132,7 +132,7 @@ Available since `v2.18.1`.

\[SARIF formats only] Place the rule object for each query under its
corresponding QL pack in the `<run>.tool.extensions` property. This
option has no effect when passed to [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).
option has no effect when passed to codeql bqrs interpret.

#### `--[no-]sarif-multicause-markdown`

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
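Review bot: the new `overlay` value is described only as trimming to "the data that will be useful when evaluating against an overlay", with no pointer to what an overlay database is or when this mode applies; add a one-line definition or a cross-reference, and an "Available since `vX.Y.Z`" line like the other options on these pages carry (the version is not visible in this diff, so it is a placeholder here). The identical hunk is repeated in the other subcommand pages in this PR, so the same wording fix applies to each of them.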
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -286,6 +286,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
Expand All @@ -311,7 +314,7 @@ configuration files that should work in most situations.

\[Advanced] The directory in which the specified command should be
executed. If this argument is not provided, the command is executed in
the value of `--source-root` passed to [codeql database create](/code-security/codeql-cli/codeql-cli-manual/database-create), if one exists. If no `--source-root` argument is provided, the command is executed in the
the value of `--source-root` passed to codeql database create, if one exists. If no `--source-root` argument is provided, the command is executed in the
current working directory.

#### `--no-run-unnecessary-builds`
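Review bot: the rewritten `+` line is left as a single long line while the surrounding paragraph is hard-wrapped at roughly 72 columns; rewrap it so the source stays readable in future diffs, and put the now-unlinked `codeql database create` in backticks to match `--source-root` on the same line.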
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -264,7 +264,7 @@ will use all the values provided, in order. Extractor options specified
using this command-line option are processed after extractor options
given via `--extractor-options-file`.

When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
When passed to codeql database init or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
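Review bot: on the `+` line, `codeql database init` is now bare text while `codeql database begin-tracing` on the same line is in backticks and `codeql database trace-command` two lines down is still a link; the three command names should be formatted alike. Dropping the link to the page's own command is reasonable, but keep the code formatting when the link goes.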
Expand All @@ -290,7 +290,7 @@ will use all the values provided, in order. Extractor options specified
using this command-line option are processed before extractor options
given via `--extractor-option`.

When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
When passed to codeql database init or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ the results subdirectory of the database directory.
The results can later be converted to readable formats by [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results), or query-for-query by with [codeql bqrs decode](/code-security/codeql-cli/codeql-cli-manual/bqrs-decode) or [codeql bqrs interpret](/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret).

If your queries produce results in a form that can be interpreted as
source-code alerts, you may find [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) a more convenient way to run them. [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) combines [codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) with [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results) in a single step. In particular, [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) can produce output in the SARIF format, which can be used with an variety of alert viewers.
source-code alerts, you may find [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) a more convenient way to run them. [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) combines codeql database run-queries with [codeql database interpret-results](/code-security/codeql-cli/codeql-cli-manual/database-interpret-results) in a single step. In particular, [codeql database analyze](/code-security/codeql-cli/codeql-cli-manual/database-analyze) can produce output in the SARIF format, which can be used with an variety of alert viewers.

Alternatively, if you have only a single query to run, you might prefer
[codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which can display human-readable output for quick inspection of results while you're debugging.
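Review bot: the `+` line keeps the typo "used with an variety of alert viewers"; since the line is already being rewritten, change it to "a variety". The unchanged context line above reads "query-for-query by with `codeql bqrs decode`", where "by with" should be "with". Also wrap the de-linked `codeql database run-queries` in backticks to match the other command references in the paragraph.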
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ configuration files that should work in most situations.
In addition to the specified command, run the main script for extractors
that don't depend on tracing a build process. If you're constructing
databases for several languages with `--db-cluster`, this option should
be given to exactly one invocation of [codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command).
be given to exactly one invocation of codeql database trace-command.

#### `--[no-]use-build-mode`

Expand Down Expand Up @@ -144,7 +144,7 @@ given via `--extractor-options-file`.
When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
codeql database trace-command then the options also need to be passed there if desired.

See <https://codeql.github.com/docs/codeql-cli/extractor-options> for
more information on CodeQL extractor options, including how to list the
Expand All @@ -170,7 +170,7 @@ given via `--extractor-option`.
When passed to [codeql database init](/code-security/codeql-cli/codeql-cli-manual/database-init) or `codeql database begin-tracing`, the options will only be
applied to the indirect tracing environment. If your workflow also makes
calls to
[codeql database trace-command](/code-security/codeql-cli/codeql-cli-manual/database-trace-command) then the options also need to be passed there if desired.
codeql database trace-command then the options also need to be passed there if desired.

See <https://codeql.github.com/docs/codeql-cli/extractor-options> for
more information on CodeQL extractor options, including how to list the
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,9 @@ predicates.
`fit`: Simply make sure the defined size limits for the disk cache are
observed, deleting as many intermediates as necessary.

`overlay`: Trim to just the data that will be useful when evaluating
against an overlay.

#### `--cleanup-upgrade-backups`

Delete any backup directories resulting from database upgrades.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ takes up a lot of space in the dataset.

#### `--[no-]linkage-aware-import`

\[Advanced] Controls whether [codeql dataset import](/code-security/codeql-cli/codeql-cli-manual/dataset-import) is linkage-aware _(default)_ or not. On projects where this part of database creation
\[Advanced] Controls whether codeql dataset import is linkage-aware _(default)_ or not. On projects where this part of database creation
consumes too much memory, disabling this option may help them progress
at the expense of database completeness.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ codeql execute queries [--output=<dir|file.bqrs>] [--threads=<num>] <options>...
\[Plumbing] Run one or more queries against a dataset.

This command should not normally be invoked directly. Instead use either
[codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) or [codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which will start [codeql execute queries](/code-security/codeql-cli/codeql-cli-manual/execute-queries) with specific JVM options to tune the performance of the QL evaluator.
[codeql database run-queries](/code-security/codeql-cli/codeql-cli-manual/database-run-queries) or [codeql query run](/code-security/codeql-cli/codeql-cli-manual/query-run), which will start codeql execute queries with specific JVM options to tune the performance of the QL evaluator.

## Options

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ codeql execute query-server <options>...
\[Deprecated] \[Plumbing] Support for running queries from IDEs.

The
[codeql execute query-server](/code-security/codeql-cli/codeql-cli-manual/execute-query-server) subcommand is unsupported and no longer works. If you are using the official CodeQL extension for Visual Studio Code, please upgrade the extension to 1.7.6 or a later version. Otherwise please migrate your CodeQL IDE integration to the `codeql execute query-server2` subcommand.
codeql execute query-server subcommand is unsupported and no longer works. If you are using the official CodeQL extension for Visual Studio Code, please upgrade the extension to 1.7.6 or a later version. Otherwise please migrate your CodeQL IDE integration to the `codeql execute query-server2` subcommand.

## Options

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -275,7 +275,7 @@ timed parts are "RA layers" of the optimized query, but that might
change in the future.

If no timeout is specified, or is given as 0, no timeout will be set
(except for [codeql test run](/code-security/codeql-cli/codeql-cli-manual/test-run), where the default timeout is 5 minutes).
(except for codeql test run, where the default timeout is 5 minutes).

#### `-j, --threads=<num>`

Expand Down
17 changes: 17 additions & 0 deletions data/reusables/code-scanning/codeql-query-tables/rust.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{% rowheaders %}

| Query name | Related CWEs | Default | Extended | {% data variables.copilot.copilot_autofix_short %} |
| --- | --- | --- | --- | --- |
| [Access of invalid pointer](https://codeql.github.com/codeql-query-help/rust/rust-access-invalid-pointer/) | 476, 825 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Cleartext logging of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-logging/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Cleartext transmission of sensitive information](https://codeql.github.com/codeql-query-help/rust/rust-cleartext-transmission/) | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/rust/rust-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Hard-coded cryptographic value](https://codeql.github.com/codeql-query-help/rust/rust-hard-coded-cryptographic-value/) | 259, 321, 798, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Regular expression injection](https://codeql.github.com/codeql-query-help/rust/rust-regex-injection/) | 020, 074 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Uncontrolled allocation size](https://codeql.github.com/codeql-query-help/rust/rust-uncontrolled-allocation-size/) | 770, 789 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/rust/rust-path-injection/) | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Use of a broken or weak cryptographic algorithm](https://codeql.github.com/codeql-query-help/rust/rust-weak-cryptographic-algorithm/) | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Use of a broken or weak cryptographic hashing algorithm on sensitive data](https://codeql.github.com/codeql-query-help/rust/rust-weak-sensitive-data-hashing/) | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
| [Access of a pointer after its lifetime has ended](https://codeql.github.com/codeql-query-help/rust/rust-access-after-lifetime-ended/) | 825 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |

{% endrowheaders %}
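Review bot: the rows are alphabetical except the last, "Access of a pointer after its lifetime has ended", which is appended at the end because it is the only extended-suite-only query; either sort all rows alphabetically (it would sit second) or make the grouping explicit, so a reader can find a query by name. Every row shows Copilot Autofix as not included; if that is accurate for Rust at the time of writing the column is fine as-is, but it is worth confirming, since the column otherwise carries no information on this page.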