Skip to main content

This version of GitHub Enterprise Server was discontinued on 2024-03-26. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Getting started with the CodeQL CLI

You can use the CodeQL CLI to locally develop, test and run CodeQL queries on software projects.

Who can use this feature?

GitHub CodeQL is licensed on a per-user basis upon installation. You can use CodeQL only for certain tasks under the license restrictions. For more information, see "About the CodeQL CLI."

If you have a GitHub Advanced Security license, you can use CodeQL for automated analysis, continuous integration, and continuous delivery. For more information, see "About GitHub Advanced Security."

About the CodeQL CLI

You can use the CodeQL CLI to run CodeQL processes locally on software projects or to generate code scanning results for upload to GitHub Enterprise Server.

Setting up the CodeQL CLI

To get started with the CodeQL CLI, you need to download and set up the CLI so that it can access the tools and libraries required to create and analyze databases.

Preparing your code for CodeQL analysis

You can build a CodeQL database containing the data needed to analyze your code.

Analyzing your code with CodeQL queries

You can run queries against a CodeQL database extracted from a codebase.

Uploading CodeQL analysis results to GitHub

You can use the CodeQL CLI to upload CodeQL analysis results to GitHub Enterprise Server.

Customizing analysis with CodeQL packs

You can use CodeQL packs to run CodeQL queries maintained by other people, or to share CodeQL queries that you've developed.