Merged
Changes from 5 commits
4 changes: 4 additions & 0 deletions .github/workflows/copilot-setup-steps.yml
Expand Up @@ -31,3 +31,7 @@ jobs:

- name: Copilot Setup - Setup CodeQL environment
uses: ./.github/actions/setup-codeql-environment

- name: Copilot Setup - Install CodeQL workspace packs
shell: bash
run: ./scripts/install-codeql-packs.sh
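Review bot: The `run: ./scripts/install-codeql-packs.sh` line only works if the script is committed with its executable bit set, and the script's file mode is not shown in the visible part of this diff. Either confirm the mode is 100755 or invoke it as `bash ./scripts/install-codeql-packs.sh` so the step does not fail with "Permission denied" on a fresh checkout. The step also assumes the working directory is the repository root; that holds by default, but it is worth a one-line comment since the job has no explicit `working-directory`.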
18 changes: 15 additions & 3 deletions README.md
Expand Up @@ -34,7 +34,19 @@ Before using this repository template, ensure your GitHub organization/account h

**Note:** The ['copilot-setup-steps' actions workflow](./.github/workflows/copilot-setup-steps.yml) will automatically set up the environment for Copilot Coding Agent (CCA), so local installation is optional and primarily useful for manual development.

### Step 2: Create an Issue for the CodeQL query you want to develop
### Step 2: Install CodeQL Pack Dependencies

After cloning your new repository, install the CodeQL pack dependencies:

```bash
./scripts/install-codeql-packs.sh
```

This uses `codeql pack ls` to discover all packs in the workspace and runs `codeql pack install` for each one, generating `codeql-pack.lock.yml` files and downloading required dependencies locally. You can target a single language with `--language <lang>` (e.g., `--language java`).

> **Note:** The generated `codeql-pack.lock.yml` files should be committed to your repository to ensure reproducible dependency resolution across your team.

### Step 3: Create an Issue for the CodeQL query you want to develop

1. **Navigate to Issues** in your new repository
2. **Click "New Issue"**
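Review bot: The note in the new Step 2 says the generated `codeql-pack.lock.yml` files should be committed, but this same pull request deletes every committed `codeql-pack.lock.yml` under `languages/`. Please state which is intended: if the template ships without lock files and each user is expected to generate and commit their own, say so explicitly in this step; if the files are meant to stay untracked, drop the note. The step should also repeat that it is optional when the `copilot-setup-steps` workflow is used, since the note just above it already says local installation is optional.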
Expand All @@ -46,13 +58,13 @@ Before using this repository template, ensure your GitHub organization/account h
- Specify severity level
5. **Submit the issue**

### Step 3: Assign Issue to `@copilot`
### Step 4: Assign Issue to `@copilot`

1. **Assign the issue** to `@copilot` (GitHub's Copilot Coding Agent user)
2. **Wait for Copilot** to process the issue and create a Pull Request
3. **Monitor progress** via the `Sessions` and/or comments for the new Pull Request

### Step 4: Review Pull Request created by Copilot Coding Agent
### Step 5: Review Pull Request created by Copilot Coding Agent

1. **Navigate to the generated Pull Request**
2. **Review the changes:**
32 changes: 0 additions & 32 deletions languages/actions/custom/src/codeql-pack.lock.yml

This file was deleted.

2 changes: 1 addition & 1 deletion languages/actions/custom/src/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-actions-custom-src
version: 0.0.1
version: 0.0.2
library: false
dependencies:
codeql/actions-all: "*"
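Review bot: With the sibling `codeql-pack.lock.yml` deleted in this PR, the unchanged `codeql/actions-all: "*"` dependency is now the only version constraint, so every `codeql pack install` resolves whatever is newest in the registry. If reproducible analysis results matter for this template, replace `"*"` with a bounded range or keep a committed lock file. The same applies to the other `src` packs in this change that keep a `"*"` dependency on their `codeql/<lang>-all` library.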
32 changes: 0 additions & 32 deletions languages/actions/custom/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 2 additions & 2 deletions languages/actions/custom/test/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-actions-custom-test
version: 0.0.1
version: 0.0.2
dependencies:
languages-actions-custom-src: "*"
languages-actions-custom-src: ${workspace}
extractor: actions
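Review bot: Switching `languages-actions-custom-src` to `${workspace}` means this test pack can only be resolved from inside a CodeQL workspace that also contains the `src` pack. The README text in this PR refers to "all packs in the workspace", but the workspace definition itself is not part of the visible diff; please confirm that it covers both `languages/actions/custom/src` and `languages/actions/custom/test`, and consider a short comment on the dependency line explaining why `${workspace}` is used, as the `tools/test` packs already do for their extra dependency.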
32 changes: 0 additions & 32 deletions languages/actions/tools/src/codeql-pack.lock.yml

This file was deleted.

2 changes: 1 addition & 1 deletion languages/actions/tools/src/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-actions-tools-src
version: 0.0.1
version: 0.0.2
library: false
dependencies:
codeql/actions-all: "*"
36 changes: 0 additions & 36 deletions languages/actions/tools/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 2 additions & 2 deletions languages/actions/tools/test/qlpack.yml
@@ -1,9 +1,9 @@
name: languages-actions-tools-test
version: 0.0.1
version: 0.0.2
dependencies:
# This test pack does not actually depend upon `codeql/actions-queries`,
# but we declare the dependency to ensure that the queries from the
# query pack are downloaded and available locally.
codeql/actions-queries: "*"
languages-actions-tools-src: "*"
languages-actions-tools-src: ${workspace}
extractor: actions
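Review bot: The comment on `codeql/actions-queries: "*"` says the dependency exists only so the upstream queries are downloaded locally, but with the lock file removed the downloaded version now floats. Tests in this pack that compare against upstream query output can start failing when a new `codeql/actions-queries` release changes results, with no change in this repository. Consider bounding the range here, or note in the comment that expected-output drift is accepted.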
28 changes: 0 additions & 28 deletions languages/cpp/custom/src/codeql-pack.lock.yml

This file was deleted.

2 changes: 1 addition & 1 deletion languages/cpp/custom/src/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-cpp-custom-src
version: 0.0.1
version: 0.0.2
library: false
dependencies:
codeql/cpp-all: "*"
28 changes: 0 additions & 28 deletions languages/cpp/custom/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 2 additions & 2 deletions languages/cpp/custom/test/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-cpp-custom-test
version: 0.0.1
version: 0.0.2
dependencies:
languages-cpp-custom-src: '*'
languages-cpp-custom-src: ${workspace}
extractor: cpp
28 changes: 0 additions & 28 deletions languages/cpp/tools/src/codeql-pack.lock.yml

This file was deleted.

2 changes: 1 addition & 1 deletion languages/cpp/tools/src/qlpack.yml
@@ -1,5 +1,5 @@
name: languages-cpp-tools-src
version: 0.0.1
version: 0.0.2
library: false
dependencies:
codeql/cpp-all: "*"
32 changes: 0 additions & 32 deletions languages/cpp/tools/test/codeql-pack.lock.yml

This file was deleted.

4 changes: 2 additions & 2 deletions languages/cpp/tools/test/qlpack.yml
@@ -1,9 +1,9 @@
name: languages-cpp-tools-test
version: 0.0.1
version: 0.0.2
dependencies:
# This test pack does not actually depend upon `codeql/cpp-queries`,
# but we declare the dependency to ensure that the queries from the
# query pack are downloaded and available locally.
codeql/cpp-queries: "*"
languages-cpp-tools-src: '*'
languages-cpp-tools-src: ${workspace}
extractor: cpp
24 changes: 0 additions & 24 deletions languages/csharp/custom/src/codeql-pack.lock.yml

This file was deleted.
