Customize code scanning
Learn how to customize code scanning to meet your project's unique security needs by creating and using CodeQL packs and custom queries.
Preparing your code for CodeQL analysis
You can build a CodeQL database containing the data needed to analyze your code.
Analyzing your code with CodeQL queries
You can run queries against a CodeQL database extracted from a codebase.
Uploading CodeQL analysis results to GitHub
You can use the CodeQL CLI to upload CodeQL analysis results to GitHub.
Running CodeQL code scanning in a container
You can run code scanning in a container by ensuring that all processes run in the same container.
Customizing analysis with CodeQL packs
You can use CodeQL packs to run CodeQL queries maintained by other people, or to share CodeQL queries that you've developed.
Creating CodeQL query suites
You can create query suites for queries you frequently use in your CodeQL analyses.
Testing custom queries
You can set up tests for your CodeQL queries to ensure that they continue to return the expected results with new releases of the CodeQL CLI.
Creating and working with CodeQL packs
You can use CodeQL packs to create, share, depend on, and run CodeQL queries and libraries.
Publishing and using CodeQL packs
You can publish your own CodeQL packs and use packs published by other people.