This version of GitHub Enterprise Server will be discontinued on 2026-03-17. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Scan from the command line

Run code scanning from the command line using the CodeQL CLI to configure scans, customize queries, and troubleshoot results.

Setting up the CodeQL CLI

To get started with the CodeQL CLI, you need to download and set up the CLI so that it can access the tools and libraries required to create and analyze databases.

Advanced setup of the CodeQL CLI

You can modify your CodeQL CLI setup to use a local checkout of the CodeQL repository for analysis, set up multiple versions of the CodeQL CLI, and analyze databases you have downloaded from GitHub.

Using custom queries with the CodeQL CLI

You can write your own CodeQL queries to find specific vulnerabilities and errors.

Testing query help files

You can use the CodeQL CLI to preview your query help files as Markdown and ensure they are valid.

Specifying command options in a CodeQL configuration file

You can save default command options in a CodeQL configuration file.

Creating CodeQL CLI database bundles

You can create a database bundle with CodeQL troubleshooting information.