You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CONTRIBUTING.md
+54Lines changed: 54 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -65,6 +65,60 @@ To test the CodeQL libraries and queries, you can run the following command:
65
65
./scripts/run-tests.sh
66
66
```
67
67
68
+
### Coverage Reporting
69
+
70
+
The project includes a coverage script to track CodeQL query coverage and generate reports. The script analyzes all available queries and provides detailed coverage statistics.
71
+
72
+
#### Running the Coverage Script
73
+
74
+
To update coverage data and generate a report:
75
+
76
+
```bash
77
+
python scripts/coverage.py
78
+
```
79
+
80
+
This will:
81
+
- Load the existing `.coverage.json` file
82
+
- Run `codeql resolve queries` to discover all available queries
83
+
- Update the coverage data with query metadata
84
+
- Generate a markdown coverage report
85
+
- Update the README.md file with the latest coverage statistics
86
+
87
+
#### Coverage Script Options
88
+
89
+
The coverage script supports several command-line options:
90
+
91
+
```bash
92
+
# Generate only markdown output (useful for CI/CD)
93
+
python scripts/coverage.py --markdown-only
94
+
95
+
# Update coverage data but skip README.md update
96
+
python scripts/coverage.py --no-readme-update
97
+
98
+
# Show help and available options
99
+
python scripts/coverage.py --help
100
+
```
101
+
102
+
#### Coverage Report Features
103
+
104
+
The generated coverage report includes:
105
+
106
+
-**Coverage Badge**: Dynamically colored based on coverage percentage
107
+
-**Summary Statistics**: Total queries, covered queries, coverage percentage
108
+
-**Category Breakdown**: Coverage by query category (Security, Diagnostics)
109
+
-**CWE Analysis**: Coverage by Common Weakness Enumeration categories
110
+
-**Timestamp**: When the report was last generated
111
+
112
+
#### Understanding Coverage Data
113
+
114
+
The coverage script tracks:
115
+
-**Total Queries**: All queries discovered in `ql/src/`
116
+
-**Covered Queries**: Queries that have associated tests (initially 0, updated as tests are added)
117
+
-**Categories**: Query categories like `security` and `diagnostics`
118
+
-**CWE Categories**: Security queries mapped to Common Weakness Enumeration identifiers
119
+
120
+
To mark a query as "covered", you'll need to create corresponding test files in the `ql/test/` directory structure.
121
+
68
122
## Resources
69
123
70
124
-[How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
0 commit comments