Skip to main content

Getting started with the CodeQL CLI

You can use the CodeQL CLI to locally develop, test and run CodeQL queries on software projects.

GitHub CodeQL is licensed on a per-user basis upon installation. You can use CodeQL only for certain tasks under the license restrictions. For more information, see "About the CodeQL CLI."

If you have a GitHub Advanced Security license, you can use CodeQL for automated analysis, continuous integration, and continuous delivery. For more information, see "About GitHub Advanced Security."

About the CodeQL CLI

You can use the CodeQL CLI to run CodeQL processes locally on software projects or to generate code scanning results for upload to GitHub.

Setting up the CodeQL CLI

To get started with the CodeQL CLI, you need to download and set up the CLI so that it can access the tools and libraries required to create and analyze databases.

Preparing your code for CodeQL analysis

You can build a CodeQL database containing the data needed to analyze your code.

Analyzing your code with CodeQL queries

You can run queries against a CodeQL database extracted from a codebase.

Customizing analysis with CodeQL packs

You can use CodeQL packs to run CodeQL queries maintained by other people, or to share CodeQL queries that you've developed.

Uploading CodeQL analysis results to GitHub

You can use the CodeQL CLI to upload CodeQL analysis results to GitHub.