Scan from the command line
Run code scanning from the command line using the CodeQL CLI to configure scans, customize queries, and troubleshoot results.
Setting up the CodeQL CLI
To get started with the CodeQL CLI, you need to download and set up the CLI so that it can access the tools and libraries required to create and analyze databases.
Writing and sharing custom queries for the CodeQL CLI
You can write your own CodeQL queries to find specific vulnerabilities and errors.
Testing custom queries
Verify your custom CodeQL queries and catch breaking changes before they affect your code scanning results following new releases of the CodeQL CLI.
Testing query help files
You can use the CodeQL CLI to preview your query help files as Markdown and ensure they are valid.
Downloading CodeQL databases from GitHub
Expand the coverage of the CodeQL CLI by adding ready-made databases.
Checking out the CodeQL CLI source code
Set up the CodeQL CLI directly from the source code.
Specifying command options in a CodeQL configuration file
Save time by adding your frequently used command options and custom CodeQL packs to a CodeQL configuration file.
Creating CodeQL CLI database bundles
You can create a database bundle with CodeQL troubleshooting information.