LGTM Enterprise 1.23.1

Using upload analysis

Upload analysis mode is for codebases that you can't build, or don't want to build, using the LGTM worker hosts.


When you add a project in upload analysis mode, LGTM contacts the repository only for the project name and permissions. It doesn't look for commits to analyze, instead it waits for you to upload externally-built CodeQL databases and analyzes them. The analysis mode applies to all languages in the project.

As with sparse analysis mode, the resulting project has no project history, so users won't see some of the views that are available for projects in the default, full analysis mode.

Enabling upload analysis

You can convert existing projects to upload analysis mode using the Analysis settings tab for the project. However, it's more usual to create a project in upload analysis mode as follows:

  1. Generate a CodeQL database for each language you want to analyze by building the codebase using the CodeQL command-line interface on your existing infrastructure. For details, see Preparing CodeQL databases to use with LGTM Enterprise.
  2. Create an upload analysis mode project for the codebase using the API. For details, see Adding a project in upload analysis mode.
  3. Upload the database(s) to LGTM using the API. For details, see Adding externally-built CodeQL databases to LGTM.
This workflow uses API methods that require access tokens with administrator-only scopes.

Maintaining a project in upload analysis mode

LGTM automatically updates results for projects in full and sparse analysis mode. However, you must upload new databases for projects in upload analysis mode when you want fresh results. You can do this as often, or as infrequently, as you wish. For more information, see Adding externally-built CodeQL databases to LGTM.

When you upgrade LGTM Enterprise, externally-built databases, created using older versions of the CodeQL CLI, will be upgraded so that they are compatible with your version of LGTM.

More information

For details, see: