codeql/swift/README.md

2.9 KiB

Swift on CodeQL

Warning

The Swift CodeQL package is an experimental and unsupported work in progress.

Building the Swift extractor

First ensure you have Bazel installed, for example with

brew install bazelisk

then from the ql directory run

bazel run //swift:create-extractor-pack    # --cpu=darwin_x86_64 # Uncomment on Arm-based Macs

which will install swift/extractor-pack.

Notice you can run bazel run :create-extractor-pack if you already are in the swift directory.

Using codeql ... --search-path=swift/extractor-pack will then pick up the Swift extractor. You can also use --search-path=., as the extractor pack is mentioned in the root codeql-workspace.yml. Alternatively, you can set up the search path in the per-user CodeQL configuration file .

Code generation

Run

bazel run //swift/codegen

to update generated files. This can be shortened to bazel run codegen if you are in the swift directory.

IDE setup

CLion and the native bazel plugin

You can use CLion with the official IntelliJ Bazel plugin, creating the project from scratch with default options. This is known to have issues on non-Linux platforms.

CMake project

The CMakeLists.txt file allows to load the Swift extractor as a CMake project, which allows integration into a wider variety of IDEs. Building with CMake also creates a compile_commands.json compilation database that can be picked up by even more IDEs. In particular, opening the swift directory in VSCode should work.

Debugging codeql database creation

If you want to debug a specific run of the extractor within an integration test or a complex codeql database create invocation, you can do so using gdbserver or lldb-server.

For example with gdbserver, you can

export CODEQL_EXTRACTOR_SWIFT_RUN_UNDER="gdbserver :1234"
export CODEQL_EXTRACTOR_SWIFT_RUN_UNDER_FILTER="SomeSwiftSource\.swift"  # can be any regex matching extractor args

before starting the database extraction, and when that source is encountered the extractor will be run under a gdbserver instance listening on port 1234. You can then attach to the running debugging server from gdb or your IDE. Please refer to your IDE's instructions for how to set up remote debugging.

In particular for breakpoints to work you might need to setup the following remote path mapping:

Remote Local
swift /absolute/path/to/codeql/swift
bazel-out /absolute/path/to/codeql/bazel-out