CodeQL being very slow when passed --command parameter

Open amir734jj opened this issue 10 months ago • 3 comments

I am trying to run CodeQL on the ServiceFabric codebase and it's being very slow when I pass --command. My understanding is that when we pass --command, CodeQL invokes this command at the source code directory and analyzes the output. Running sfbuild -release takes 2 hours and running it as part of CodeQL took ~48 hours. I am wondering why it's being slow? Is there a way to run "sfbuild -release" separately and then pass the output to CodeQL afterwards? Thank you.

codeql database create --language=cpp --source-root=C:\WindowsFabric testcodeqldb --command="sfbuild -release"

amir734jj, Apr 29 '24 17:04

Hi @amir734jj,

48 hrs is excessive. We generally expect around a 4x slowdown (so around 8hrs in your case), so there's clearly some issue somewhere and we would need to see the log files at the very least. It's not possible to run "sfbuild -release" separately and then pass the output to CodeQL.

Since you seem to be working for Microsoft, can you please escalate this through internal channels? That will make it easier to share logs and hopefully diagnose the problem.

jketema, Apr 29 '24 18:04

I see the --build-mode none option was recently implemented for Java. I am wondering when do we get this for cpp?

https://github.com/github/codeql-cli-binaries/blob/v2.16.5/CHANGELOG.md#release-2165-2024-03-21

amir734jj, May 08 '24 06:05

> I am wondering when do we get this for cpp?

This is currently not on the roadmap. For the roadmap see: https://github.com/orgs/github/projects/4247/views/2?filterQuery=codeql

jketema, May 08 '24 06:05