Compiling Databases
https://codeql.github.com/docs/codeql-cli/creating-codeql-databases/
To analyze a codebase with CodeQL, the project must first be built into a CodeQL database.
Creating Database for Compiled Languages
For compiled languages such as Java and C#, this will require compiling the codebase.
An example of compiling a Java project:
Note: The following commands assume the current directory is the source root; if it is not, use the --source-root
argument to specify the root of the project.
codeql database create <output-folder>/java-database --language=java --command="javac RMIExploitationDemo/*.java"
If the Java project uses a build tool such as Gradle or Maven, CodeQL's autobuilders can run the build, so no --command is needed:
codeql database create --language=java <output-folder>/java-database
Creating Database for Interpreted Languages
For interpreted (non-compiled) languages such as JavaScript and Python:
codeql database create --language=javascript <output-folder>/javascript-database
codeql database create --language=python <output-folder>/python-database
When creating a database for Python, ensure that the following are available:
All the required versions of Python are installed.
pip is installed and can install any packages that the codebase depends on.
The virtualenv module is installed.
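A preflight check for the Python prerequisites listed above, run before codeql database create. This is an added example, not part of the CodeQL documentation; the function names and the PYTHON variable are this example's own, and the default interpreter is assumed to be python3. Call the check once per Python version the codebase needs.

```shell
#!/bin/sh
# Added example: verify the Python prerequisites before building the database.
# Function names and the PYTHON variable are hypothetical, not CodeQL's.

# Print one "missing: ..." line per absent prerequisite.
# Returns 0 only when the interpreter, pip and virtualenv are all usable.
# $1: Python interpreter to test (assumed default: python3)
check_python_prereqs() {
    py="${1:-python3}"
    missing=""
    if ! command -v "$py" >/dev/null 2>&1; then
        echo "missing: interpreter $py"
        return 1
    fi
    # Query the modules through the interpreter itself, so the result
    # reflects the Python version that will actually be used.
    "$py" -m pip --version >/dev/null 2>&1 || missing="$missing pip"
    "$py" -m virtualenv --version >/dev/null 2>&1 || missing="$missing virtualenv"
    for m in $missing; do
        echo "missing: $m"
    done
    [ -z "$missing" ]
}

# Create a Python database only if the preflight passes.
# $1: database output directory
# $2: source root (default: current directory)
create_python_db() {
    db="$1"
    src="${2:-.}"
    if ! check_python_prereqs "${PYTHON:-python3}"; then
        echo "not creating $db: install the items listed above first" >&2
        return 1
    fi
    codeql database create --language=python --source-root="$src" "$db"
}

# Usage: create_python_db <output-folder>/python-database /path/to/source
```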