Using the CodeQL CLI¶

The CodeQL command-line interface (CLI) is used to create databases for security research. You can query CodeQL databases directly from the command line or using the Visual Studio Code extension.

See the following links to learn how to get set up and run CodeQL commands:

About the CodeQL CLI: Software developers and security researchers can secure their code using the CodeQL CLI.
Getting started with the CodeQL CLI: Set up the CodeQL CLI so that you can run CodeQL processes from your command line.
Creating CodeQL databases: Create relational representations of source code that can be queried like any other database.
Analyzing CodeQL databases with the CodeQL CLI: Analyze your code using queries written in a specially-designed, object-oriented query language.
Upgrading CodeQL databases: Upgrade your databases so that they can be analyzed using the most up to date CodeQL products.
Using custom queries with the CodeQL CLI: Use custom queries to extend your analysis or highlight errors that are specific to a particular codebase.
Creating CodeQL query suites: Define query suite definitions for groups of frequently used queries.
Testing custom queries: Set up regression testing of custom queries to ensure that they behave as expected in your analysis.
Testing query help files: Test query help files by rendering them as markdown to ensure they are valid before adding them to the CodeQL repository or using them in code scanning.
Specifying command options in a CodeQL configuration file: You can save default or frequently used options for your commands in a per-user configuration file.