Using the advanced functionality of the CodeQL CLI
You can use the CodeQL CLI to locally develop, test and run CodeQL queries on software projects.
Who can use this feature?
CodeQL is available for the following repository types:
- Public repositories on GitHub.com (see the GitHub CodeQL Terms and Conditions)
- Organization-owned repositories on GitHub Enterprise Cloud with GitHub Advanced Security enabled
Advanced setup of the CodeQL CLI
You can modify your CodeQL CLI setup to use a local checkout of the CodeQL repository for analysis, set up multiple versions of the CodeQL CLI, and analyze databases you have downloaded from GitHub.
About CodeQL workspaces
CodeQL workspaces allow you to develop and maintain a group of CodeQL packs that depend on each other.
Using custom queries with the CodeQL CLI
You can write your own CodeQL queries to find specific vulnerabilities and errors.
Creating CodeQL query suites
You can create query suites for queries you frequently use in your CodeQL analyses.
Testing custom queries
You can set up tests for your CodeQL queries to ensure that they continue to return the expected results with new releases of the CodeQL CLI.
Testing query help files
You can use the CodeQL CLI to preview your query help files as Markdown and ensure they are valid.
Creating and working with CodeQL packs
You can use CodeQL packs to create, share, depend on, and run CodeQL queries and libraries.
Publishing and using CodeQL packs
You can publish your own CodeQL packs and use packs published by other people.
Specifying command options in a CodeQL configuration file
You can save default command options in a CodeQL configuration file.
Query reference files
You can use query reference files to define the location of a query you want to run in tests.
CodeQL CLI SARIF output
You can output SARIF from the CodeQL CLI and share static analysis results with other systems.
CodeQL CLI CSV output
You can output results from the CodeQL CLI in CSV format to share with other systems.
Extractor options
You can use the CodeQL CLI to run CodeQL processes locally on software projects.
Exit codes
Exit codes signify the status of a command after the CodeQL CLI runs it.