CodeQL queries

CodeQL queries are used in code scanning analyses to find problems in source code, including potential security vulnerabilities.

  • About CodeQL queries: CodeQL queries are used to analyze code for issues related to security, correctness, maintainability, and readability.
  • Metadata for CodeQL queries: Metadata tells users important information about CodeQL queries. You must include the correct query metadata in a query to be able to view query results in source code.
  • Query help files: Query help files tell users the purpose of a query, and recommend how to solve the potential problem the query finds.
  • Defining the results of a query: You can control how analysis results are displayed in source code by modifying a query’s select statement.
  • Providing locations in CodeQL queries: CodeQL includes mechanisms for extracting the location of elements in a codebase. Use these mechanisms when writing custom CodeQL queries and libraries to help display information to users.
  • About data flow analysis: Data flow analysis is used to compute the possible values that a variable can hold at various points in a program, determining how those values propagate through the program and where they are used.
  • Creating path queries: You can create path queries to visualize the flow of information through a codebase.
  • Troubleshooting query performance: Improve the performance of your CodeQL queries by following a few simple guidelines.