Skip to main content

This version of GitHub Enterprise Server was discontinued on 2023-09-25. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Using the advanced functionality of the CodeQL CLI

You can use the CodeQL CLI to locally develop, test and run CodeQL queries on software projects.

GitHub CodeQL is licensed on a per-user basis upon installation. You can use CodeQL only for certain tasks under the license restrictions. For more information, see "About the CodeQL CLI."

If you have a GitHub Advanced Security license, you can use CodeQL for automated analysis, continuous integration, and continuous delivery. For more information, see "About GitHub Advanced Security."

Advanced setup of the CodeQL CLI

You can modify your CodeQL CLI setup to use a local checkout of the CodeQL repository for analysis, set up multiple versions of the CodeQL CLI, and analyze databases you have downloaded from

Using custom queries with the CodeQL CLI

You can write your own CodeQL queries to find specific vulnerabilities and errors.

Creating CodeQL query suites

You can create query suites for queries you frequently use in your CodeQL analyses.

Testing query help files

You can use the CodeQL CLI to preview your query help files as Markdown and ensure they are valid.

Specifying command options in a CodeQL configuration file

You can save default command options in a CodeQL configuration file.

Query reference files

You can use query reference files to define the location of a query you want to run in tests.

CodeQL CLI SARIF output

You can output SARIF from the CodeQL CLI and share static analysis results with other systems.

CodeQL CLI CSV output

You can output results from the CodeQL CLI in CSV format to share with other systems.

Extractor options

You can use the CodeQL CLI to run CodeQL processes locally on software projects.

Exit codes

Exit codes signify the status of a command after the CodeQL CLI runs it.