Update facade to explore use_codeql by default.

rahlk · rahlk · commit 8d50ade296bd · 2026-05-17T14:39:34.000-04:00
Signed-off-by: Rahul Krishna &lt;rkrsn@ibm.com&gt;
diff --git a/README.md b/README.md
@@ -204,15 +204,22 @@ Each language has a dedicated analysis backend implemented under `cldk.analysis.
 
 #### Python
 - **Backend:** `cldk.analysis.python`  
-- **Tools:** `codeanalyzer-python` (Jedi + optional CodeQL), Tree-sitter for source-level parsing  
+- **Tools:** `codeanalyzer-python` (Jedi + CodeQL, default on), Tree-sitter for source-level parsing  
 - **Capabilities:** Symbol table, call graph, class/method resolution, comments/docstrings
 
-> **Note — analysis cache:** The first Python analysis run creates a
-> `.codeanalyzer/` directory in the project under analysis. It holds the
-> backend's virtualenv, the CodeQL database (when enabled), and the cached
-> `analysis.json`. It can be large and is environment-specific, so **add
-> `.codeanalyzer/` (and `.cldk-cache/` if you persist analysis JSON there)
-> to your `.gitignore`.** Both are already ignored in this repo.
+> **Note — analysis cache:** Analysis artifacts are cached under `~/.cldk`
+> (override with `$CLDK_CACHE_DIR`): the backend virtualenv and CodeQL
+> database under `~/.cldk/venvs/<dep_hash>/`, and `analysis.json` under
+> `~/.cldk/cache/<key>/`. **CodeQL is enabled by default**
+> (`use_codeql=True`), so the first analysis of a project builds a CodeQL
+> database and provisions the CodeQL CLI — expect a slow cold run; subsequent
+> runs on the same source tree are cache hits. Pass `use_codeql=False` for
+> Jedi-only analysis. The CodeQL flag is part of the analysis cache key, so
+> toggling it — or upgrading from a version that defaulted it off — triggers
+> a **one-time** rebuild under a new key (no stale data is served). If you
+> instead point `analysis_backend_path` / `analysis_json_path` inside a
+> project, add those directories to your `.gitignore` — they are large and
+> environment-specific.
 
 #### C
 - **Backend:** `cldk.analysis.c`  
diff --git a/cldk/analysis/python/codeanalyzer/codeanalyzer.py b/cldk/analysis/python/codeanalyzer/codeanalyzer.py
@@ -82,7 +82,7 @@ def __init__(
         eager_analysis: bool,
         analysis_backend_path: Union[str, Path, None] = None,
         target_files: List[str] | None = None,
-        use_codeql: bool = False,
+        use_codeql: bool = True,
     ) -> None:
         if project_dir is None:
             raise ValueError("project_dir is required for Python analysis.")
diff --git a/cldk/analysis/python/python_analysis.py b/cldk/analysis/python/python_analysis.py
@@ -64,7 +64,7 @@ def __init__(
         analysis_level: str,
         target_files: List[str] | None,
         eager_analysis: bool,
-        use_codeql: bool = False,
+        use_codeql: bool = True,
     ) -> None:
         if project_dir is None:
             raise ValueError(
diff --git a/cldk/core.py b/cldk/core.py
@@ -61,6 +61,7 @@ def analysis(
         target_files: List[str] | None = None,
         analysis_backend_path: str | None = None,
         analysis_json_path: str | Path = None,
+        use_codeql: bool = True,
     ) -> JavaAnalysis | PythonAnalysis | CAnalysis:
         """Initialize a language-specific analysis façade.
 
@@ -72,6 +73,9 @@ def analysis(
             target_files (list[str] | None): Files to constrain analysis (optional).
             analysis_backend_path (str | None): Path to the analysis backend.
             analysis_json_path (str | Path | None): Path to persist analysis database.
+            use_codeql (bool): Python only, default True. Augments Jedi-resolved
+                call edges with CodeQL-resolved edges; set False for a faster,
+                Jedi-only analysis. Ignored for other languages.
 
         Returns:
             JavaAnalysis | PythonAnalysis | CAnalysis: Initialized analysis façade for the chosen language.
@@ -117,6 +121,7 @@ def analysis(
                 analysis_json_path=analysis_json_path,
                 target_files=target_files,
                 eager_analysis=eager,
+                use_codeql=use_codeql,
             )
         elif self.language == "c":
             return CAnalysis(project_dir=project_path)
diff --git a/tests/analysis/python/test_python_analysis.py b/tests/analysis/python/test_python_analysis.py
@@ -35,3 +35,28 @@ def test_python_analysis_rejects_source_code_mode():
 def test_python_analysis_requires_inputs():
     with pytest.raises(CldkInitializationException):
         CLDK(language="python").analysis()
+
+
+def test_use_codeql_forwarded_through_facade(monkeypatch, tmp_path):
+    """Regression: CLDK.analysis() must forward use_codeql to the backend.
+
+    Previously the façade dropped the flag, making CodeQL-augmented edges
+    unreachable through the public API (only Jedi-resolved edges returned).
+    """
+    captured = {}
+
+    class FakeBackend:
+        def __init__(self, **kwargs):
+            captured.update(kwargs)
+
+    monkeypatch.setattr(
+        "cldk.analysis.python.python_analysis.PyCodeanalyzer", FakeBackend
+    )
+
+    CLDK(language="python").analysis(project_path=tmp_path, use_codeql=False)
+    assert captured["use_codeql"] is False
+
+    # CodeQL is the default; the façade must not silently drop it.
+    captured.clear()
+    CLDK(language="python").analysis(project_path=tmp_path)
+    assert captured["use_codeql"] is True
