Description:
The current implementation promises to support CodeQL for analysis, but its licensing terms impose restrictions that conflict with our project's open-source distribution policies. To ensure compliance and maintain the flexibility of our tool, CodeQL needs to be removed and replaced with an alternative that aligns with our licensing requirements.
Steps to Reproduce:
- Clone the repository.
- Navigate to the analysis module (cldk/analysis/java/codeql in this case).
- Encounter conflicts due to CodeQL's licensing restrictions.
Expected Behavior:
The analysis should function without relying on or offering support for CodeQL components until a better solution is found for reconciling with the restrictive licensing. Continued and rich support with codeanalyzer-java will be maintained to ensure full compliance with open-source licensing policies.
Actual Behavior:
CodeQL's inclusion imposes legal constraints, limiting redistribution and modification under certain open-source licenses.
Suggested Fix:
- Remove CodeQL as one of the analysis backends until licensing can be resolved.
- Update documentation and code examples accordingly (if applicable).
Environment:
- OS: all supported
- Tool Version: 0.4.0 (and lower)
Additional Context:
Code snippets referencing CodeQL, such as in the CLDK core module, should be refactored. Example:
>>> cldk = CLDK(language="java")
>>> j_analysis = cldk.analysis(
...     project_path="path/to/project",
...     analysis_backend="codeql", # This needs to be d
...     eager=True,
...     **kwargs
... )