{"id":42132125,"url":"https://github.com/tweag/codeql-wrapper","last_synced_at":"2026-02-03T10:35:44.137Z","repository":{"id":309930635,"uuid":"1013930436","full_name":"tweag/codeql-wrapper","owner":"tweag","description":"A simple solution to run codeql anywhere","archived":false,"fork":false,"pushed_at":"2025-11-18T10:40:01.000Z","size":1127,"stargazers_count":3,"open_issues_count":9,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-27T00:05:04.236Z","etag":null,"topics":["codeql","python"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tweag.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-04T18:00:45.000Z","updated_at":"2025-09-17T18:52:24.000Z","dependencies_parsed_at":"2025-08-14T17:27:19.196Z","dependency_job_id":"faf18592-d651-4f54-8b08-33f7d17692d4","html_url":"https://github.com/tweag/codeql-wrapper","commit_stats":null,"previous_names":["tweag/codeql-wrapper"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/tweag/codeql-wrapper","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tweag%2Fcodeql-wrapper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tweag%2Fcodeql-wrapper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tweag%2Fcodeql-wrapper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tweag%2Fcodeql-wrapper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tweag","download_url":"https://codeload.github.com/tweag/codeql-wrapper/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tweag%2Fcodeql-wrapper/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29041666,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T10:09:22.136Z","status":"ssl_error","status_checked_at":"2026-02-03T10:09:16.814Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["codeql","python"],"created_at":"2026-01-26T16:00:25.889Z","updated_at":"2026-02-03T10:35:44.132Z","avatar_url":"https://github.com/tweag.png","language":"Python","readme":"# CodeQL Wrapper\n\n\u003cdiv align=\"center\"\u003e\n\n[![Lint](https://github.com/tweag/codeql-wrapper/actions/workflows/lint.yml/badge.svg)](https://github.com/tweag/codeql-wrapper/actions/workflows/lint.yml)\n[![Build](https://github.com/tweag/codeql-wrapper/actions/workflows/build.yml/badge.svg)](https://github.com/tweag/codeql-wrapper/actions/workflows/build.yml)\n[![PyPI version](https://badge.fury.io/py/codeql-wrapper.svg)](https://badge.fury.io/py/codeql-wrapper)\n[![Python versions](https://img.shields.io/pypi/pyversions/codeql-wrapper.svg)](https://pypi.org/project/codeql-wrapper/)\n[![Documentation](https://img.shields.io/badge/docs-available-brightgreen.svg)](https://tweag.github.io/codeql-wrapper/)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\n\u003c/div\u003e\n\n***\n\n\u003e **A universal Python CLI wrapper for running CodeQL analysis seamlessly across any project architecture and CI/CD platform.**\n\n**CodeQL Wrapper** simplifies security analysis by providing a unified interface for CodeQL across monorepos, single repositories, and diverse CI/CD environments including Jenkins, GitHub Actions, Harness, Azure DevOps, and more.\n\n## Features\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\" valign=top\u003e\n\n**Universal Support**\\\nWorks with both monorepos and single repositories\n\n**CI/CD Agnostic**\\\nSeamless integration across all major CI/CD platforms\n\n**Smart Language Detection**\\\nAutomatically detects and analyzes multiple programming languages\n\n**SARIF Integration**\\\nBuilt-in support for SARIF upload to GitHub Advanced Security\n\n\u003c/td\u003e\n\u003ctd width=\"50%\" valign=top\u003e\n\n**Performance Optimized**\\\nParallel processing and intelligent resource management\n\n**Auto-Installation**\\\nAutomatically downloads and manages CodeQL CLI\n\n**Flexible Configuration**\\\nJSON-based configuration for complex project structures\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n## Prerequisites\n\n| Requirement | Version/Details |\n|-------------|-----------------|\n| **Python** | 3.9 or higher |\n| **Git** | For repository analysis |\n| **GitHub Token** | Required for SARIF upload functionality |\n\n***\n\n## Quick Start\n\n### Installation\n\nInstall CodeQL Wrapper from PyPI:\n\n```bash\npip install codeql-wrapper\n```\n\n### Basic Usage\n\n#### Single Repository Analysis\n\nAnalyze a single repository with automatic language detection:\n\n```bash\ncodeql-wrapper analyze /path/to/repository\n```\n\n#### Monorepo Analysis\n\nAnalyze all projects in a monorepo \"using build-mode none\" and upload results to GitHub Advanced Security:\n\n```bash\ncodeql-wrapper analyze /path/to/monorepo --monorepo --upload-sarif\n```\n\n#### Targeted Analysis\n\nAnalyze only projects with changes (perfect for CI/CD):\n\n```bash\ncodeql-wrapper analyze /path/to/repo --monorepo --only-changed-files --upload-sarif\n```\n\n\u003e **Note**: Ensure your `GITHUB_TOKEN` environment variable is set for SARIF upload functionality.\n\n***\n\n## Advanced Configuration\n\nFor complex monorepo setups, create a `.codeql.json` configuration file in your repository root:\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eClick to view example configuration\u003c/strong\u003e\u003c/summary\u003e\n\n```json\n{\n  \"projects\": [\n    {\n      \"path\": \"./monorepo/project-java-1\",\n      \"build-mode\": \"manual\",\n      \"build-script\": \"./build/project-java-1.sh\",\n      \"queries\": [\"java-security-extended\"],\n      \"language\": \"java\"\n    },\n    {\n      \"path\": \"./monorepo/project-java-1\", \n      \"language\": \"javascript\"\n    },\n    {\n      \"path\": \"./monorepo/project-python-1\",\n      \"build-mode\": \"none\"\n    },\n    {\n      \"path\": \"./monorepo/project-python-javascript-cpp\",\n      \"build-mode\": \"none\",\n      \"language\": \"javascript\"\n    }\n  ]\n}\n```\n\n\u003c/details\u003e\n\n### Configuration Options\n\n| Option | Description | Values |\n|--------|-------------|---------|\n| `path` | Relative path to the project | Any valid path |\n| `build-mode` | How to build the project (default=none) | `none`, `manual`, `autobuild` |\n| `build-script` | Custom build script path | Path to executable script |\n| `queries` | CodeQL query suites to run | Array of query suite names |\n| `language` | Target language (default=auto-detect) | Any supported language |\n\n***\n\n## CI/CD Integration\n\n| Platform | Status |\n|----------|--------|\n| **GitHub Actions** | ✅ Supported |\n| **Harness** | ✅ Supported |\n| **Circle CI** | ✅ Supported |\n| **Azure Pipelines** | ✅ Supported |\n| **Jenkins** | ✅ Supported |\n\n**Examples and implementation guides available at:**\\\n\u003chttps://github.com/tweag/codeql-wrapper-pipelines\u003e\n\n***\n\n## Documentation\n\n**Complete documentation is available at:**\\\n\u003chttps://tweag.github.io/codeql-wrapper\u003e\n\n***\n\n## Contributing\n\nWe welcome contributions! Please see the [contributing guidelines](CONTRIBUTING.md) for more information.\n\n***\n\n## License\n\nThis project is licensed under the **MIT License** - see the [LICENSE](LICENSE) file for details.\n\n***\n\n\u003cdiv align=\"center\"\u003e\n\n**Made with ❤️ by the Modus Create team**\n\n\u003c/div\u003e\n","funding_links":[],"categories":["Tooling \u0026 Environment"],"sub_categories":["CodeQL CLI Tooling"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftweag%2Fcodeql-wrapper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftweag%2Fcodeql-wrapper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftweag%2Fcodeql-wrapper/lists"}