Skip to content

Conversation

henrymercer
Copy link
Contributor

The current CodeQL Action relies on a hard-coded list of supported languages. This PR specifies default queries for each CodeQL language, allowing us to remove that list and instead detect languages dynamically:

We now select languages whose extractors are present in the CodeQL search path and provide default queries.

Reasoning:

  • We choose to start providing default queries information since we only want to select extractors which have first-class support e.g. JavaScript, but not .properties. What differentiates these extractors is whether they have queries associated with them.
  • Makes it easier for third-parties to develop and test extractors: they don't need to fork the Action, and don't get stuck on the current hard-coded codeql/<lang>-queries default queries in the CLI.
  • Makes it easier for us to develop new extractors since we no longer need to change the Action to start using a new extractor.

@Copilot Copilot AI review requested due to automatic review settings August 29, 2025 16:46
@henrymercer henrymercer requested review from a team as code owners August 29, 2025 16:46
@github-actions github-actions bot added C# JS Python Go Ruby Rust Pull requests that update Rust code Swift Actions Analysis of GitHub Actions labels Aug 29, 2025
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds default query specifications to CodeQL extractor configuration files to enable dynamic language detection. The change moves away from hard-coded language lists in the CodeQL Action to a system where languages are automatically detected based on the presence of extractors with default queries.

  • Adds default_queries field to all CodeQL language extractor configuration files
  • Each language specifies its corresponding query pack (e.g., codeql/swift-queries, codeql/rust-queries)
  • Enables third-party extractor development without requiring Action modifications

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated no comments.

Show a summary per file
File Description
swift/codeql-extractor.yml Adds default_queries pointing to codeql/swift-queries
rust/codeql-extractor.yml Adds default_queries pointing to codeql/rust-queries
ruby/codeql-extractor.yml Adds default_queries pointing to codeql/ruby-queries
python/codeql-extractor.yml Adds default_queries pointing to codeql/python-queries
javascript/resources/codeql-extractor.yml Adds default_queries pointing to codeql/javascript-queries
go/codeql-extractor.yml Adds default_queries pointing to codeql/go-queries
csharp/codeql-extractor.yml Adds default_queries pointing to codeql/csharp-queries
actions/extractor/codeql-extractor.yml Adds default_queries pointing to codeql/actions-queries

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Actions Analysis of GitHub Actions C# Go JS Python Ruby Rust Pull requests that update Rust code Swift
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant