CodeQL documentation

CodeQL for Java

Experiment and learn how to write effective and efficient queries for CodeQL databases generated from Java codebases.

  • Basic query for Java code: Learn to write and run a simple CodeQL query using LGTM.
  • CodeQL library for Java: When analyzing Java code, you can use the large collection of classes in the CodeQL library for Java.
  • Analyzing data flow in Java: You can use CodeQL to track the flow of data through a Java program to its use.
  • Java types: You can use CodeQL to find out information about data types used in Java code. This allows you to write queries to identify specific type-related issues.
  • Overflow-prone comparisons in Java: You can use CodeQL to check for comparisons in Java code where one side of the comparison is prone to overflow.
  • Navigating the call graph: CodeQL has classes for identifying code that calls other code, and code that can be called from elsewhere. This allows you to find, for example, methods that are never used.
  • Annotations in Java: CodeQL databases of Java projects contain information about all annotations attached to program elements.
  • Javadoc: You can use CodeQL to find errors in Javadoc comments in Java code.
  • Working with source locations: You can use the location of entities within Java code to look for potential errors. Locations allow you to deduce the presence, or absence, of white space which, in some cases, may indicate a problem.
  • Abstract syntax tree classes for working with Java programs: CodeQL has a large selection of classes for representing the abstract syntax tree of Java programs.