Remove CodeQL backend; introduce analysis_level option

CodeQL is incompatible with open-source distribution (proprietary CLI,
licensed query packs). Replace the using_codeql: bool option with
analysis_level: int (1=symbol table only, 2=+call graph). Remove the
entire codeanalyzer/semantic_analysis/codeql/ module and all CLI flags,
__enter__ setup, and helper methods that depended on it.

Provenance literal updated: "codeql" -> "pycg" in PyCallEdge schema.
CLI flag updated: --codeql/--no-codeql -> -a/--analysis-level.

Signed-off-by: Saurabh Sinha <sinha108@gmail.com>

Author: sinha108

codeanalyzer/__main__.py

@@ -27,9 +27,16 @@ def main(
             case_sensitive=False,
         ),
     ] = OutputFormat.JSON,
-    using_codeql: Annotated[
-        bool, typer.Option("--codeql/--no-codeql", help="Enable CodeQL-based analysis.")
-    ] = False,
+    analysis_level: Annotated[
+        int,
+        typer.Option(
+            "-a",
+            "--analysis-level",
+            help="Analysis depth: 1=symbol table only, 2=+call graph (PyCG+Jedi).",
+            min=1,
+            max=2,
+        ),
+    ] = 1,
     using_ray: Annotated[
         bool,
         typer.Option("--ray/--no-ray", help="Enable Ray for distributed analysis."),
@@ -78,7 +85,7 @@ def main(
         input=input,
         output=output,
         format=format,
-        using_codeql=using_codeql,
+        analysis_level=analysis_level,
         using_ray=using_ray,
         rebuild_analysis=rebuild_analysis,
         skip_tests=skip_tests,
@@ -143,7 +150,7 @@ def _write_output(artifacts, output_dir: Path, format: OutputFormat):
 app = typer.Typer(
     callback=main,
     name="codeanalyzer",
-    help="Static Analysis on Python source code using Jedi, CodeQL and Tree sitter.",
+    help="Static Analysis on Python source code using Jedi, PyCG and Tree sitter.",
     invoke_without_command=True,
     no_args_is_help=True,
     add_completion=False,

codeanalyzer/options/options.py

@@ -14,7 +14,7 @@ class AnalysisOptions:
     input: Path
     output: Optional[Path] = None
     format: OutputFormat = OutputFormat.JSON
-    using_codeql: bool = False
+    analysis_level: int = 1
     using_ray: bool = False
     rebuild_analysis: bool = False
     skip_tests: bool = True

codeanalyzer/schema/py_schema.py

@@ -355,7 +355,7 @@ class PyCallEdge(BaseModel):
     target: str  # callee's PyCallable.signature
     type: Literal["CALL_DEP"] = "CALL_DEP"
     weight: int = 1
-    provenance: List[Literal["jedi", "codeql", "joern"]] = []
+    provenance: List[Literal["jedi", "pycg", "joern"]] = []
 
 
 @builder

codeanalyzer/semantic_analysis/call_graph.py

@@ -173,7 +173,7 @@ def jedi_call_graph_edges(
 
     Edges are coalesced on ``(source, target)``: ``weight`` is the count of
     matching sites. Provenance is always ``["jedi"]``; combine with
-    CodeQL-derived edges via ``merge_edges``.
+    PyCG-derived edges via ``merge_edges``.
     """
     counts: Counter = Counter()
     for caller in iter_callables_in_symbol_table(symbol_table):
@@ -191,7 +191,7 @@ def jedi_call_graph_edges(
 def resolve_unresolved_constructors(symbol_table: Dict[str, PyModule]) -> int:
     """Fill in ``PyCallsite.callee_signature`` for unresolved constructor sites.
 
-    When both Jedi and CodeQL fail to resolve a constructor call (commonly
+    When Jedi fails to resolve a constructor call (commonly
     for classes nested inside functions or methods, where static-analysis
     points-to is weakest), Jedi still flags the site as
     ``is_constructor_call=True`` with ``method_name`` set to the class's
@@ -251,7 +251,7 @@ def merge_edges(*edge_lists: list) -> list:
 
     Edges with the same ``(source, target)`` are coalesced: weights sum,
     provenance is the sorted union. Useful for combining edges produced
-    by different backends (e.g. Jedi + CodeQL).
+    by different backends (e.g. Jedi + PyCG).
     """
     by_key: Dict[Tuple[str, str], PyCallEdge] = {}
     for edges in edge_lists: