Using the CodeQL CLI¶

The CodeQL command-line interface (CLI) is used to create databases for security research. You can query CodeQL databases directly from the command line or using the Visual Studio Code extension.

See the following links to learn how to get set up and run CodeQL commands:

About the CodeQL CLI: Software developers and security researchers can secure their code using the CodeQL CLI.
Getting started with the CodeQL CLI: Set up the CodeQL CLI so that you can run CodeQL processes from your command line.
Creating CodeQL databases: Create relational representations of source code that can be queried like any other database.
Extractor options: Set options for the behavior of extractors that create CodeQL databases.
Analyzing CodeQL databases with the CodeQL CLI: Analyze your code using queries written in a specially-designed, object-oriented query language.
Using custom queries with the CodeQL CLI: Use custom queries to extend your analysis or highlight errors that are specific to a particular codebase.
Creating CodeQL query suites: Define query suite definitions for groups of frequently used queries.
Testing custom queries: Set up regression testing of custom queries to ensure that they behave as expected in your analysis.
Testing query help files: Test query help files by rendering them as markdown to ensure they are valid before adding them to the CodeQL repository or using them in code scanning.
Creating and working with CodeQL packs: Create, share, depend on, and run CodeQL queries and libraries.
Publishing and using CodeQL packs: Publish your own or use others CodeQL packs for code scanning.
Specifying command options in a CodeQL configuration file: You can save default or frequently used options for your commands in a per-user configuration file.