CodeQL documentation

database trace-command

Synopsis

codeql database trace-command [--threads=<num>] [--ram=<MB>] <options>... [--] <database> <command>...

Description

[Plumbing] Run a single command as part of a traced build.

This runs a single given command line under a tracer, thus possibly performing some extraction, but does not finalize the resulting CodeQL database.

Options

<database>

[Mandatory] Path to the CodeQL database under construction. This must have been prepared for extraction with codeql database init.

If the --db-cluster option is given, this is not a database itself, but a directory that contains databases, and all of those databases will be processed together.

<command>...

The command to run. This may consist of one or more arguments, which are used to create the process. It is recommended to pass the ‘–’ argument before listing the command’s arguments, in order to avoid confusion between its arguments and ours.

The command is expected to exit with a status code of 0. Any other exit code is interpreted as a failure.

The command may be omitted when --index-traceless-dbs is given.

-j, --threads=<num>

Ask the extractor to use this many threads. This option is passed to the extractor as a suggestion. If the CODEQL_THREADS environment variable is set, the environment variable value takes precedence over this option.

You can pass 0 to use one thread per core on the machine, or -N to leave N cores unused (except still use at least one thread).

-M, --ram=<MB>

Ask the extractor to use this much memory. This option is passed to the extractor as a suggestion. If the CODEQL_RAM environment variable is set, the environment variable value takes precedence over this option.

--[no-]db-cluster

Indicates that the directory given on the command line is not a database itself, but a directory that contains one or more databases under construction. Those databases will be processed together.

--no-tracing

[Advanced] Do not trace the specified command, instead rely on it to produce all necessary data directly.

--compiler-spec=<spec-file>

[Advanced] The path to a compiler specification file. It may be used to pick out compiler processes that run as part of the build command, and trigger the execution of other tools. The extractors will provide default compiler specifications that should work in most situations.

--[no-]index-traceless-dbs

In addition to the specified command, run the main script for extractors that don’t depend on tracing a build process. If you’re constructing databases for several languages with --db-cluster, this option should be given to exactly one invocation of codeql database trace-command.

--working-dir=<dir>

[Advanced] The directory in which the specified command should be executed. If this argument is not provided, the command is executed in the value of --source-root passed to codeql database create, if one exists. If no --source-root argument is provided, the command is executed in the current working directory.

--no-run-unnecessary-builds

[Advanced] Only run the specified build command(s) if a database under construction uses an extractor that depends on tracing a build process. If this option is not given, the command will be executed even when CodeQL doesn’t need it, on the assumption that you need its side effects for other reasons.

Common options

-h, --help

Show this help text.

-J=<opt>

[Advanced] Give option to the JVM running the command.

(Beware that options containing spaces will not be handled correctly.)

-v, --verbose

Incrementally increase the number of progress messages printed.

-q, --quiet

Incrementally decrease the number of progress messages printed.

--verbosity=<level>

[Advanced] Explicitly set the verbosity level to one of errors, warnings, progress, progress+, progress++, progress+++. Overrides -v and -q.

--logdir=<dir>

[Advanced] Write detailed logs to one or more files in the given directory, with generated names that include timestamps and the name of the running subcommand.

(To write a log file with a name you have full control over, instead give --log-to-stderr and redirect stderr as desired.)

  • © GitHub, Inc.
  • Terms
  • Privacy