run_codeql_analysis.bat
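@echo off
REM CodeQL Multi-Language Analysis Script
REM Analyzes both Java/Kotlin (Android) and Python (DCS Scripts).
REM
REM Usage:   run_codeql_analysis.bat
REM Outputs: java-analysis.sarif and python-analysis.sarif
REM Exit:    0 when both analyses succeeded and wrote a SARIF file,
REM          1 otherwise, so a wrapper or CI job cannot mistake a failed
REM          scan for a clean one.
setlocal enabledelayedexpansion

REM Run from the directory that holds this script so the relative paths below
REM (databases that get deleted, the gradlew.bat that gets executed, the
REM scripts folder that gets scanned) always refer to this checkout and not to
REM the caller's working directory.
REM NOTE(review): assumes this script sits in the repository root - confirm.
cd /d "%~dp0"
if errorlevel 1 (
    echo ERROR: Cannot change to the script directory
    pause
    exit /b 1
)

REM Per-language outcome; flipped to FAILED when the analyze step reports an
REM error or leaves no SARIF file behind.
set "JAVA_STATUS=SUCCESS"
set "PYTHON_STATUS=SUCCESS"

echo ===============================================
echo CodeQL Multi-Language Analysis
echo ===============================================
echo.

REM Check if CodeQL is installed
where codeql >nul 2>&1
if %errorlevel% neq 0 (
    echo ERROR: CodeQL CLI not found in PATH
    echo Please install CodeQL CLI from: https://github.com/github/codeql-cli-binaries/releases
    pause
    exit /b 1
)

REM Old SARIF files are deleted up front so that a report left over from an
REM earlier run can never be reported as the result of this one.
echo [1/7] Cleaning previous CodeQL databases...
if exist codeql-db-java rmdir /s /q codeql-db-java
if exist codeql-db-python rmdir /s /q codeql-db-python
if exist java-analysis.sarif del /q java-analysis.sarif
if exist python-analysis.sarif del /q python-analysis.sarif
echo Done.
echo.

REM The database is built by tracing the Debug build only, so code that is
REM compiled solely for the Release variant is not part of the scan.
echo [2/7] Creating Java/Kotlin database (Android)...
echo This may take several minutes...
echo Using Debug build (Release build has compilation errors)...
codeql database create codeql-db-java --language=java-kotlin --command="gradlew.bat clean assembleDebug --no-daemon" --overwrite
if %errorlevel% neq 0 (
    echo ERROR: Failed to create Java/Kotlin database
    pause
    exit /b 1
)
echo Done.
echo.

echo [3/7] Creating Python database (Scripts)...
codeql database create codeql-db-python --language=python --source-root=scripts --overwrite
if %errorlevel% neq 0 (
    echo ERROR: Failed to create Python database
    pause
    exit /b 1
)
echo Done.
echo.

REM Download errors are shown instead of being discarded: a failed download
REM would otherwise only surface later as a confusing analyze error.
REM No pack version is pinned, so the query set can change between machines
REM and runs; use the form codeql/java-queries@VERSION (VERSION is a
REM placeholder) when findings must be reproducible.
echo [4/7] Downloading CodeQL query packs (first run only)...
codeql pack download codeql/java-queries
if %errorlevel% neq 0 echo WARNING: Could not download codeql/java-queries; analysis may fail unless the pack is already available locally
codeql pack download codeql/python-queries
if %errorlevel% neq 0 echo WARNING: Could not download codeql/python-queries; analysis may fail unless the pack is already available locally
echo Done.
echo.

REM An analysis error does not stop the script, so the other language is
REM still scanned, but it is remembered for the summary and the exit code.
echo [5/7] Analyzing Java/Kotlin code...
codeql database analyze codeql-db-java codeql/java-queries --format=sarif-latest --output=java-analysis.sarif
if %errorlevel% neq 0 (
    echo WARNING: Java/Kotlin analysis completed with errors
    set "JAVA_STATUS=FAILED"
)
echo Done.
echo.

echo [6/7] Analyzing Python code...
codeql database analyze codeql-db-python codeql/python-queries --format=sarif-latest --output=python-analysis.sarif
if %errorlevel% neq 0 (
    echo WARNING: Python analysis completed with errors
    set "PYTHON_STATUS=FAILED"
)
echo Done.
echo.

echo [7/7] Summary
echo ===============================================
echo Java/Kotlin results: java-analysis.sarif
echo Python results: python-analysis.sarif
echo.
echo Databases created:
echo - codeql-db-java
echo - codeql-db-python
echo ===============================================
echo.

REM A run counts as SUCCESS only when analyze returned 0 and the SARIF file
REM exists; the mere presence of a file is not proof of a complete scan.
if not exist java-analysis.sarif set "JAVA_STATUS=FAILED"
if not exist python-analysis.sarif set "PYTHON_STATUS=FAILED"
echo Java/Kotlin analysis: %JAVA_STATUS%
echo Python analysis: %PYTHON_STATUS%

set "EXIT_CODE=0"
if not "%JAVA_STATUS%"=="SUCCESS" set "EXIT_CODE=1"
if not "%PYTHON_STATUS%"=="SUCCESS" set "EXIT_CODE=1"

echo.
REM The hint names a database, a query pack and an output file because
REM database analyze needs all three; csv is used as the readable format
REM because text is not an output format of database analyze.
echo Analysis complete. Import SARIF files into your IDE or view with:
echo codeql database analyze codeql-db-java codeql/java-queries --format=csv --output=java-analysis.csv
echo.
pause
exit /b %EXIT_CODE%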