Getting started with the CodeQL for Visual Studio Code extension

The CodeQL extension for Visual Studio Code makes it easy to run a query to find problems in codebases.

Who can use this feature?

GitHub CodeQL is licensed on a per-user basis upon installation. You can use CodeQL only for certain tasks under the license restrictions. For more information, see "About the CodeQL CLI."

If you have a GitHub Advanced Security license, you can use CodeQL for automated analysis, continuous integration, and continuous delivery. For more information, see "About GitHub Advanced Security."

About CodeQL for VS Code

You can write, run, and test CodeQL queries inside Visual Studio Code with the CodeQL extension.

Installing CodeQL for Visual Studio Code

To get started with CodeQL for Visual Studio Code, you need to install and set up the extension.

Managing CodeQL databases

You can work with CodeQL databases using the extension.

Running CodeQL queries

You can run queries on CodeQL databases and view the results in Visual Studio Code.

Exploring data flow with path queries

You can run CodeQL queries in Visual Studio Code to help you track the flow of data through a program, highlighting areas that are potential security vulnerabilities.

Running CodeQL queries at scale with multi-repository variant analysis

You can run CodeQL queries on a large number of repositories on GitHub.com from Visual Studio Code.