Skip to content

Upgrade to codeanalyzer-python 0.3.0: CodeQL dropped (PyCG), use_codeql/using_codeql removed #185

Description

@rahlk

Describe the bug

CLDK pins codeanalyzer-python==0.2.0, but the latest release is 0.3.0, and upgrading is not a drop-in pin bump — it is a breaking change CLDK does not yet handle.

In codeanalyzer-python 0.3.0 the analyzer dropped CodeQL and switched call-graph construction to PyCG (new pycg_* options and a pycg dependency). As part of that, AnalysisOptions removed the using_codeql keyword. CLDK's in-process backend still passes it:

# cldk/analysis/python/codeanalyzer/codeanalyzer.py
options = AnalysisOptions(
    ...
    using_codeql=self.use_codeql,   # <-- removed in 0.3.0
    using_ray=self.use_ray,
)

so any real in-process Python analysis raises:

TypeError: AnalysisOptions.__init__() got an unexpected keyword argument 'using_codeql'

To Reproduce

  1. Pin codeanalyzer-python==0.3.0 and uv sync.
  2. Run any in-process Python analysis, e.g. CLDK.python(project_path=...).get_methods().
  3. Observe the TypeError from AnalysisOptions during backend init.

Expected behavior

CLDK works against codeanalyzer-python 0.3.0. Because CodeQL no longer exists upstream, CLDK's use_codeql knob has no backing implementation and must be retired. The migration spans CLDK's public API, not just the one call site:

  • cldk/analysis/python/codeanalyzer/codeanalyzer.pyPyCodeanalyzer(use_codeql=...) and the AnalysisOptions(using_codeql=...) call.
  • cldk/analysis/python/python_analysis.py — facade reads/forwards use_codeql.
  • cldk/core.pyCLDK.python(use_codeql=True) public parameter.
  • cldk/analysis/commons/backend_config.pyPyCodeAnalyzerConfig.use_codeql: bool = True.
  • tests/analysis/python/test_python_analysis.pytest_use_codeql_forwarded_through_facade.
  • tests/analysis/python/test_python_neo4j_backend.py — fixture passes using_codeql=False to AnalysisOptions.

CodeQL context (why this is breaking, not cosmetic)

CodeQL was an optional call-graph enhancer in CLDK: with use_codeql=True (the historical default) the Python backend built a CodeQL database to resolve more inter-procedural edges than Jedi alone. 0.3.0 replaces that path entirely with PyCG, so:

  • The use_codeql toggle no longer maps to anything in the analyzer.
  • Call-graph results will differ (PyCG vs CodeQL-augmented Jedi) — a behavior change for existing users, independent of the API break.
  • Retiring use_codeql from CLDK's surface is itself a breaking change to CLDK's API, so this lands as a breaking/minor CLDK release with a clear deprecation/removal path and a CHANGELOG note.

Additional context

TypeScript is unaffected — codeanalyzer-typescript is already at the latest (0.4.3). Tracking the implementation on feat/upgrade-to-codeanalyzer-python-0.3.0.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions