Semmle 1.20
Skip to end of metadata
Go to start of metadata

On this page:

Configuration files


project file

Semmle Core: defines the language, checkout commands, build commands and snapshot retention policy for a project. For Team Insight analysis, the build elements of this file control whether: light analysis is performed; or whether the code base is built and a snapshot database created for full Team Insight analysis.

Query suites

Semmle Core: used to define a logical group of queries in order to simplify query management during analysis.

snapshot file

Semmle Core: configuration file created automatically when a snapshot is added a the project using the addSnapshot or addLatestSnapshot tool. It includes a definition of where the source code for the snapshot is stored and the commands required to build this code (copied from the project file or defined on the command line at the time of creation). The information is used when the snapshot is built and the snapshot is indexed to create a snapshot database. In normal operation there is no reason to edit the content of the snapshot file.




Semmle Core: used to create a snapshot for the latest version of your code base. The checkout commands used to create the snapshot are defined by the project configuration file or entered on the command line.


Semmle Core: used to create a snapshot for a historic version of the code base. The checkout commands used to create the snapshot are defined by the project configuration file or entered on the command line.


Semmle Core: optional command used to analyze a Semmle snapshot and generate data for display in a code review tool.


Semmle Core: this command guides users through the process of creating a project configuration file for a new code base. Users may also choose to add a snapshot to the project, run a set of analyses, and export the snapshot.


Semmle Core: command may be used to build and index a single snapshot of source code for a project. When the tool has finished the code index is ready for analysis. The build commands used are defined by the snapshot configuration file (copied from the project configuration on creation of the snapshot).


Semmle Core: this command enables you to create a new project by copying the project configuration file for an existing project or a predefined template. When the command finishes, you need to edit the new project configuration file, configure the checkout command and verify that the build steps are correct. If you want to create an entirely new project then you should use either the insightConfig command or the bootstrap tool.


QL plugins and extensions: command used to export a snapshot generated using the QL command line tools for use in the QL plugins and extensions. The resulting snapshot can be imported into the QL plugins and extensions and used to write new queries.


Semmle Core: optional command used to process a set of queries and produce an output file describing the metadata associated with each query.


Semmle Core: used to provide a quick assessment of the number of lines of code and comment in a source code directory.


Semmle Core: command may be used to compile new or updated query files to speed up future dashboard generation. The buildDashboard command automatically calls this before analyzing snapshots. All queries in the specified directory are reviewed and all new or updated queries are compiled (creating a .qlo file for each query).


Semmle Core: command provides a simple way to run regression tests for custom QL queries. The tool runs QL queries against source code that you provide, and it checks that the output of each query matches the expected results.


Semmle Core: run queries on a Semmle database from the command line. Particularly useful as part of a script to generate CSV reports or if you want to test a new query for a system before you add it to the dashboard configuration.


Semmle Core: used to report details of the current Semmle Core including the version and values of the SEMMLE_DIST, SEMMLE_HOME, and SEMMLE_DATA environment variables.


Semmle Core: this tool enables you to update the external data stored in a snapshot database from the data stored in the external/data subdirectory of the snapshot directory without rebuilding the entire snapshot database.


Semmle Core: can be used to upgrade snapshot databases that were created with an earlier version of Semmle to enable you to analyze them using the latest version. The database schema of the snapshot databases is updated so that it is compatible with current version of Semmle analysis.

Results files


SARIF results file

Semmle Core: optional results file format generated by analyzeSnapshot.

Other reference topics


Environment variables

Semmle Core: used to simplify build commands and can be customized to override the default locations and behavior of Semmle Core. See Semmle variables for configuration variables.

Query directives

Semmle Core: used in a dashboard  Configuration or query suite file to override the default properties of a query or to provide additional information for the calculation.

Semmle variables

Semmle variables are used in configuration files to simplify the configuration of Semmle analysis and to reduce the use of absolute paths (which make it difficult to relocate a project). Semmle variables can be used almost everywhere in the various configuration files.

  • No labels