Which tool is used to generate a database representation of your codebase?

Generating a CodeQL database, the structured semantic representation of your codebase that queries rely on, is done with the CodeQL CLI. You run a command like codeql database create for your language and project, and the CLI activates the language’s extractors to read your code, capture facts (such as definitions, references, types, and call graphs), and store them in the database. This database is what CodeQL analyzes when you run queries. SARIF files are just a standardized format for reporting analysis results, not for creating the database. Autobuild is an optional feature that can automate the build steps during database creation for languages that need compilation, but the actual tool you use to generate the database is the CodeQL CLI. Extractors are the internal components that perform the extraction during database creation, accessed via the CLI rather than used directly as a standalone tool.