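GitHub AE is currently under limited release.

About the CodeQL CLI

You can use the CodeQL CLI to run CodeQL processes locally on software projects.

GitHub CodeQL is licensed on a per-user basis upon installation. Under the license restrictions, you can use CodeQL only for certain tasks. For more information, see "About the CodeQL CLI."

If you have a GitHub Enterprise account and a GitHub Advanced Security license, you can use CodeQL for automated analysis, continuous integration, and continuous delivery. You can create an enterprise account by contacting the sales team. For more information, see "About GitHub Advanced Security."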

Note: This article was migrated from the CodeQL documentation website in January 2023.

About the CodeQL CLI

Software developers and security researchers can secure their code using the CodeQL CLI.

The CodeQL CLI is a command-line tool used to run CodeQL processes locally on open source software projects. You can use the CodeQL CLI to:

  • Run CodeQL analyses using queries provided by GitHub engineers and the open source community
  • Create CodeQL databases to use in CodeQL for Visual Studio Code
  • Develop and test custom CodeQL queries to use in your own analyses

For information about using the CodeQL CLI, see “Getting started with the CodeQL CLI.”

About the GitHub CodeQL license

License notice: If you don’t have a GitHub Enterprise license then, by installing this product, you are agreeing to the GitHub CodeQL Terms and Conditions.

GitHub CodeQL is licensed on a per-user basis. Under the license restrictions, you can use CodeQL to perform the following tasks:

  • To perform academic research.
  • To demonstrate the software.
  • To test CodeQL queries that are released under an OSI-approved License to confirm that new versions of those queries continue to find the right vulnerabilities.

Where “OSI-approved License” means an Open Source Initiative (OSI)-approved open source software license.

If you are working with an Open Source Codebase (that is, a codebase that is released under an OSI-approved License) you can also use CodeQL for the following tasks:

  • To perform analysis of the Open Source Codebase.
  • If the Open Source Codebase is hosted and maintained on GitHub.com, to generate CodeQL databases for or during automated analysis, continuous integration, or continuous delivery.

CodeQL can’t be used for automated analysis, continuous integration or continuous delivery, whether as part of normal software engineering processes or otherwise, except in the express cases set forth herein. For these uses, contact the sales team.

CodeQL CLI commands

The CodeQL CLI includes commands to create and analyze CodeQL databases from the command line. To run a command, use:

codeql [command] [subcommand]

To view the reference documentation for a command, add the --help flag, or visit the "CodeQL CLI manual."