CodeQL tools

GitHub provides the CodeQL command-line interface and CodeQL for Visual Studio Code for performing CodeQL analysis on open source codebases.

CodeQL command-line interface

The CodeQL command-line interface (CLI) is primarily used to create databases for security research. You can also query CodeQL databases directly from the command line or using the Visual Studio Code extension. For more information, see “CodeQL CLI.”

CodeQL for Visual Studio Code

You can analyze CodeQL databases in Visual Studio Code using the CodeQL extension, which provides an enhanced environment for writing and running custom queries and viewing the results. For more information, see “About CodeQL for Visual Studio Code.”