diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md
new file mode 100644
index 000000000000..c0ddb0f06f82
--- /dev/null
+++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-database-bundle-for-troubleshooting.md
@@ -0,0 +1,46 @@
+---
+title: Creating CodeQL CLI database bundles
+intro: 'You can create a database bundle with {% data variables.product.prodname_codeql %} troubleshooting information.'
+allowTitleToDifferFromFilename: true
+product: '{% data reusables.gated-features.codeql %}'
+versions:
+ fpt: '*'
+ ghes: '*'
+ ghec: '*'
+topics:
+ - Advanced Security
+ - Code scanning
+ - CodeQL
+---
+
+> [!WARNING]
+> {% data variables.product.prodname_codeql_cli %} database bundles contain a copy of the source code being analyzed by {% data variables.product.prodname_codeql %}, therefore we suggest sharing these bundles only with people who are authorized to access that source code.
+
+## About creating {% data variables.product.prodname_codeql_cli %} database bundles
+
+{% data reusables.code-scanning.codeql-cli-version-ghes %}
+
+The {% data variables.product.prodname_codeql_cli %} database bundle command can be used to create a relocatable archive of a {% data variables.product.prodname_codeql %} database.
+
+A copy of a database bundle can be used to share troubleshooting information with your team members or with {% data variables.contact.github_support %}.
+
+The following {% data variables.product.prodname_codeql_cli %} command syntax is suggested when creating a database bundle for troubleshooting purposes:
+
+> [!NOTE]
+> This sample `database bundle` command requires {% data variables.product.prodname_codeql_cli %} version {% data variables.product.codeql_cli_version_min_version_create_bundle %} or higher.
+
+```shell
+codeql database bundle --output=codeql-debug-artifacts.zip --include-diagnostics --include-logs --include-results --
+```
+
+For this command, `` must be the path to the directory where the {% data variables.product.prodname_codeql %} database was created.
+
+The successful command execution creates a zip file called `codeql-debug-artifacts.zip` which contains {% data variables.product.prodname_codeql %} troubleshooting information. That file is the database bundle.
+
+This command assumes that the `--log-dir` command line argument was not used for the `database create` and `database analyze` commands. When that command line argument is used, the log files created by those commands will not be included with the database bundle.
+
+## Increasing the verbosity for `database create` and `database analyze`
+
+If the `database create` and `database analyze` commands are not detailed enough for troubleshooting purposes, you can increase their verbosity.
+
+Both commands support the `--verbosity` command line argument which can be set to `progress++` prior to creating a database bundle.
diff --git a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/index.md b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/index.md
index 4604921811ce..add23087b97d 100644
--- a/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/index.md
+++ b/content/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/index.md
@@ -26,6 +26,7 @@ children:
 - /csv-output
 - /extractor-options
 - /exit-codes
+ - /creating-database-bundle-for-troubleshooting
 redirect_from:
 - /code-security/codeql-cli/codeql-cli-reference
 ---
diff --git a/data/reusables/code-scanning/codeql-query-tables/java.md b/data/reusables/code-scanning/codeql-query-tables/java.md
index 550998ae4513..d01e75ae9c48 100644
--- a/data/reusables/code-scanning/codeql-query-tables/java.md
+++ b/data/reusables/code-scanning/codeql-query-tables/java.md
@@ -84,6 +84,7 @@
 | [Exposure of sensitive information to notifications](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-notification/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Exposure of sensitive information to UI text views](https://codeql.github.com/codeql-query-help/java/java-android-sensitive-text/) | 200 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Hard-coded credential in API call](https://codeql.github.com/codeql-query-help/java/java-hardcoded-credential-api-call/) | 798 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
+| [HTTP request type unprotected from CSRF](https://codeql.github.com/codeql-query-help/java/java-csrf-unprotected-request-type/) | 352 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} |
 | [Improper validation of user-provided array index](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-index/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Improper validation of user-provided size used for array construction](https://codeql.github.com/codeql-query-help/java/java-improper-validation-of-array-construction/) | 129 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
 | [Insecure basic authentication](https://codeql.github.com/codeql-query-help/java/java-insecure-basic-auth/) | 522, 319 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} |
diff --git a/data/variables/product.yml b/data/variables/product.yml
index beeaafbe5169..253606f95fed 100644
--- a/data/variables/product.yml
+++ b/data/variables/product.yml
@@ -95,7 +95,7 @@ prodname_codeql_cli: 'CodeQL CLI'
 # Update this whenever a new enterprise version of CodeQL is being prepared.
 codeql_cli_ghes_recommended_version: >-
 {% ifversion ghes < 3.12 %}2.14.6{% elsif ghes < 3.17 %}2.20.3{% endif %}
-
+codeql_cli_version_min_version_create_bundle: '2.17.6'
 # Projects v2
 prodname_projects_v2: 'Projects'
 prodname_projects_v1: >-
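Review bot: The `'2.17.6'` minimum added here is higher than the `2.14.6` that `codeql_cli_ghes_recommended_version` yields for `ghes < 3.12` in the context lines just above, while the new article is published with `ghes: '*'`. If those releases are still built, a reader who installs the recommended version cannot run the sample command, so the article's `versions` or its NOTE may need a condition. The entry also replaces the blank line that separated the CodeQL values from `# Projects v2` and has no comment of its own. Keeping the separator and adding `# Minimum CodeQL CLI version required by the sample database bundle command.` above it would make its purpose clear. The key repeats "version"; `codeql_cli_min_version_create_bundle` would read better, provided the reference in the article's NOTE is renamed with it.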