how to use `--external` option of `codeql query run` #21050

Lslightly · 2025-12-16T12:27:13Z

Lslightly
Dec 16, 2025

The idea is that I want to add some addition data to codeql database and use these new data as new predicates to enhance the analysis capabilities. I notice the --external option, but I don't know how to use it. So I'm asking here.

Idea: The data can be generated by compiler or other static analysis tools. And they are convertible to CodeQL classes/predicates through user-defined mapping rules. For example, for AST nodes, the location string can be converted to AST node if user-defined adaptor predicates are satisfied. Additional information can be inserted to the added data to avoid conflicts when it is generated by compiler or other static analysis tools.

Take escape analysis in golang as an example. Some variables can be heap allocated decided by compiler. We can dump the definition location, the type and other information about these variables to csv file. When imported by CodeQL, we can define a adaptor using the location string and the type to map csv file to HeapAllocatedVariable class, then we can do more things through CodeQL, like linters or statistical analysis. It's somewhat a problem about fusing the data generated by another extractor.

Issue #9758 also reveals similiar problem I think.

Answered by mbg

Dec 17, 2025

Hi @Lslightly 👋🏻

I notice the --external option, but I don't know how to use it. So I'm asking here.

A relatively minimal example of how to use this feature is the following. In your query, you define the external predicate and use it (named foo here):

external predicate foo(string bar, string baz);

from string a, string b
where foo(a, b)
select a, b

You then create a CSV file with rows for the external predicate, with one column for each parameter. Let's call the following test.csv:

hello, world
goodbye, universe

Now you can run the query with codeql query run path-to-your-query.ql --external=foo=test.csv where foo is the name of the external predicate and test.csv the name of the CS…

View full answer

mbg · 2025-12-17T09:08:37Z

mbg
Dec 17, 2025
Maintainer

Hi @Lslightly 👋🏻

I notice the --external option, but I don't know how to use it. So I'm asking here.

A relatively minimal example of how to use this feature is the following. In your query, you define the external predicate and use it (named foo here):

external predicate foo(string bar, string baz);

from string a, string b
where foo(a, b)
select a, b

You then create a CSV file with rows for the external predicate, with one column for each parameter. Let's call the following test.csv:

hello, world
goodbye, universe

Now you can run the query with codeql query run path-to-your-query.ql --external=foo=test.csv where foo is the name of the external predicate and test.csv the name of the CSV file with the data. With the above examples, this will produce:

|    a    |     b     |
+---------+-----------+
| hello   |  world    |
| goodbye |  universe |

1 reply

Lslightly Dec 17, 2025
Author

Thanks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

how to use `--external` option of `codeql query run` #21050

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

how to use --external option of codeql query run #21050

Uh oh!

Uh oh!

Lslightly Dec 16, 2025

Replies: 1 comment · 1 reply

Uh oh!

mbg Dec 17, 2025 Maintainer

Uh oh!

Lslightly Dec 17, 2025 Author

how to use `--external` option of `codeql query run` #21050

Lslightly
Dec 16, 2025

Replies: 1 comment 1 reply

mbg
Dec 17, 2025
Maintainer

Lslightly Dec 17, 2025
Author