This space contains one page for each of the C++ built-in queries for the most recent release of the QL tools. Each page contains:
- Summary of key metadata for the query
- QL code for the query
- Help information for the query
- Labels derived from the query metadata
About the queries
The queries built into the QL tools include queries that:
- Run on LGTM—selected because they find issues that are important to the majority of developers and/or the results have a very high precision. That is, a high percentage of the alerts they report are true results. For a list of all the default LGTM queries, see LGTM.com and search: language=cpp. Note that the results may include queries that are scheduled for release in the next version of Semmle's product range.
- Generate additional alerts—some of these queries are relevant only if you're working in a field which has special coding standards, for example, the Joint Strike Fighter Air Vehicle C++ Coding Standard.
- Calculate metrics—these give you more general information about a project.
- Demonstrate other ways to output data using QL—for example, generating a table, chart or graph of results. These are intended to be run using the QL plugins and extensions.
Exploring the queries
The heatmap below shows the labels for C++ built-in queries. Click a label to view all queries with that tag or query type.
This document contains the help for all the C++ built-in queries for the most recent release of the QL tools.
About the security queries
There are two query suites for C security analysis: default and all. For most projects we recommend that you run queries from the default suite. The all suite contains a few additional rules which perform points-to analysis and may time out on some projects. These rules test for the following CWEs:
Security analysis testing