CINXE.COM

CodeQL documentation

<!DOCTYPE html> <html lang="en"> <head> <title>CodeQL documentation</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <link rel="stylesheet" href="_static/primer.css" /> <link rel="shortcut icon" href="_static/favicon.ico"/> </head> <body> <div class="Header"> <div class="Header-item--full"> <a href="index.html" class="Header-link f2 d-flex flex-items-center"> <!-- <%= octicon "mark-github", class: "mr-2", height: 32 %> --> <svg height="32" class="octicon octicon-mark-github mr-2" viewBox="0 0 16 16" version="1.1" width="32" aria-hidden="true"> <path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0 0 16 8c0-4.42-3.58-8-8-8z"> </path> </svg> <span class="hide-sm">CodeQL documentation</span> </a> </div> <div class="Header-item hide-sm hide-md"> <script src="https://addsearch.com/js/?key=93b4d287e2fc079a4089412b669785d5&categories=!0xhelp.semmle.com,0xcodeql.github.com,1xdocs,1xcodeql-query-help,1xcodeql-standard-libraries"></script> </div> <div class="Header-item"> <details class="dropdown details-reset details-overlay d-inline-block"> <summary class="btn bg-gray-dark text-white border" aria-haspopup="true"> CodeQL resources <div class="dropdown-caret"></div> </summary> <ul class="dropdown-menu dropdown-menu-se dropdown-menu-dark"> <li><a class="dropdown-item" href="codeql-overview">CodeQL overview</a></li> <li class="dropdown-divider" role="separator"></li> <div class="dropdown-header"> CodeQL guides </div> <li><a class="dropdown-item" href="writing-codeql-queries">Writing CodeQL queries</a></li> <li><a class="dropdown-item" href="codeql-language-guides">CodeQL language guides</a> <li class="dropdown-divider" role="separator"></li> <div class="dropdown-header"> Reference docs </div> <li><a class="dropdown-item" href="ql-language-reference/">QL language reference</a> <li><a class="dropdown-item" href="../codeql-standard-libraries">CodeQL standard-libraries</a> <li><a class="dropdown-item" href="../codeql-query-help">CodeQL query help</a> <li class="dropdown-divider" role="separator"></li> <div class="dropdown-header"> Source files </div> <li><a class="dropdown-item" href="https://github.com/github/codeql">CodeQL repository</a> <li class="dropdown-divider" role="separator"></li> <div class="dropdown-header"> Academic </div> <li><a class="dropdown-item" href="../publications">QL publications</a> </ul> </details> </div> </div> <article class="pb-6" style="min-height: calc(100vh - 68px);"> <div class="blankslate"> <img src="https://ghicons.github.com/assets/images/blue/svg/Code%20QL.svg" class="mb-3" /> <h1>CodeQL documentation</h1> <p class="f2">CodeQL enables you to query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same.</p> </div> <div class="d-flex flex-column flex-md-row flex-justify-center"> <div class="Box col-lg-5 col-sm-12 border-0"> <div class="Box-header border-0 bg-white"> <h2 class="Box-title text-mono f2 text-center"> CODEQL RELEASE INFORMATION </h2> </div> <div class="Box-body border-bottom-0"> <div class="Subhead border-0"> <a href="codeql-overview/supported-languages-and-frameworks/"> <div class="Subhead-heading f4 text-center">Supported languages and frameworks</div> </a> <div class="Subhead-description">View the languages, libraries, and frameworks supported in the latest release of CodeQL...</div> </div> <div class="Subhead border-0"> <a href="codeql-overview/codeql-changelog/"> <div class="Subhead-heading f4 text-center">Change logs</div> </a> <div class="Subhead-description">Read about the improvements to the queries, libraries, and tooling in each release...</div> </div> <div class="Subhead border-0"> <a href="codeql-overview/system-requirements/"> <div class="Subhead-heading f4 text-center">System requirements</div> </a> <div class="Subhead-description">View the system requirements for running the latest version of CodeQL...</div> </div> <div class="Subhead border-0"> <a href="../codeql-query-help/codeql-cwe-coverage/"> <div class="Subhead-heading f4 text-center">CodeQL coverage of CWEs</div> </a> <div class="Subhead-description">Detailed information on the coverage of Common Weakness Enumerations (CWEs) in the latest release...</div> </div> </div> </div> <div class="Box col-lg-5 col-sm-12 border-0"> <div class="Box-header border-0 bg-white"> <h2 class="Box-title text-mono f2 text-center"> LEARN TO WRITE CODEQL </h2> </div> <div class="Subhead border-0"> <a href="codeql-overview/about-codeql"> <div class="Subhead-heading f4 text-center">About CodeQL</div> </a> <div class="Subhead-description">Learn what CodeQL is and how it works...</div> </div> <div class="Subhead border-0"> <a href="writing-codeql-queries"> <div class="Subhead-heading f4 text-center">Writing CodeQL queries</div> </a> <div class="Subhead-description">Get to know more about queries and learn some key query-writing skills by solving puzzles...</div> </div> <div class="Subhead border-0"> <a href="codeql-language-guides"> <div class="Subhead-heading f4 text-center">CodeQL language guides</div> </a> <div class="Subhead-description">Experiment and learn how to write effective and efficient queries for CodeQL databases generated from the languages supported in CodeQL analysis...</div> </div> <div class="Subhead border-0"> <a href="writing-codeql-queries/running-codeql-queries"> <div class="Subhead-heading f4 text-center">Running CodeQL queries</div> </a> <div class="Subhead-description">Learn about the options available for running CodeQL queries on one or multiple codebases...</div> </div> </div> </div> <div class="d-flex flex-column flex-md-row flex-justify-center"> <div class="Box col-lg-5 col-sm-12 border-0"> <div class="Box-header border-0 bg-white"> <h2 class="Box-title text-mono f2 text-center"> CODEQL RESOURCES </h2> </div> <div class="Subhead border-0"> <a href="https://github.com/github/codeql-cli-binaries/releases"> <div class="Subhead-heading f4 text-center">CodeQL CLI releases</div> </a> <div class="Subhead-description">Download the latest version of the CodeQL CLI...</div> </div> <div class="Subhead border-0"> <a href="https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql"> <div class="Subhead-heading f4 text-center">CodeQL extension for Visual Studio Code</div> </a> <div class="Subhead-description">Download the extension from the Visual Studio Code Marketplace...</div> </div> <div class="Subhead border-0"> <a href="https://github.com/github/codeql"> <div class="Subhead-heading f4 text-center">CodeQL repository</div> </a> <div class="Subhead-description">Contribute to the source code of the libraries and queries for CodeQL... </div> </div> </div> <div class="Box col-lg-5 col-sm-12 border-0"> <div class="Box-header border-0 bg-white"> <h2 class="Box-title text-mono f2 text-center"> CODEQL REFERENCE DOCS </h2> </div> <div class="Box-body border-bottom-0"> <div class="Subhead border-0"> <div class="Subhead border-0"> <a href="ql-language-reference"> <div class="Subhead-heading f4 text-center">QL language reference</div> </a> <div class="Subhead-description">Learn all about QL, the powerful query language that underlies the code scanning tool CodeQL... </div> </div> <a href="../codeql-standard-libraries"> <div class="Subhead-heading f4 text-center">CodeQL standard libraries</div> </a> <div class="Subhead-description">Find details of the predicates, modules, and classes included with CodeQL...</div> </div> <div class="Subhead border-0"> <a href="../codeql-query-help"> <div class="Subhead-heading f4 text-center">CodeQL query help</div> </a> <div class="Subhead-description">View the query help for the queries included in the code scanning query suites...</div> </div> </div> </div> </div> </article> <div class="footer mt-6 bg-gray-light border-y border-gray-dark no-print"> <div class="container-xl px-3 px-md-6"> <div class="d-flex flex-wrap py-5 mb-5"> <div class="col-12 col-lg-4 mb-5"> <a href="https://github.com/" data-ga-click="Footer, go to home, text:home" class="text-gray-dark" aria-label="Go to GitHub homepage"> <svg version="1.1" width="84.375" height="30" viewBox="0 0 45 16" class="octicon octicon-logo-github" aria-hidden="true"> <path fill-rule="evenodd" d="M18.53 12.03h-.02c.009 0 .015.01.024.011h.006l-.01-.01zm.004.011c-.093.001-.327.05-.574.05-.78 0-1.05-.36-1.05-.83V8.13h1.59c.09 0 .16-.08.16-.19v-1.7c0-.09-.08-.17-.16-.17h-1.59V3.96c0-.08-.05-.13-.14-.13h-2.16c-.09 0-.14.05-.14.13v2.17s-1.09.27-1.16.28c-.08.02-.13.09-.13.17v1.36c0 .11.08.19.17.19h1.11v3.28c0 2.44 1.7 2.69 2.86 2.69.53 0 1.17-.17 1.27-.22.06-.02.09-.09.09-.16v-1.5a.177.177 0 00-.146-.18zM42.23 9.84c0-1.81-.73-2.05-1.5-1.97-.6.04-1.08.34-1.08.34v3.52s.49.34 1.22.36c1.03.03 1.36-.34 1.36-2.25zm2.43-.16c0 3.43-1.11 4.41-3.05 4.41-1.64 0-2.52-.83-2.52-.83s-.04.46-.09.52c-.03.06-.08.08-.14.08h-1.48c-.1 0-.19-.08-.19-.17l.02-11.11c0-.09.08-.17.17-.17h2.13c.09 0 .17.08.17.17v3.77s.82-.53 2.02-.53l-.01-.02c1.2 0 2.97.45 2.97 3.88zm-8.72-3.61h-2.1c-.11 0-.17.08-.17.19v5.44s-.55.39-1.3.39-.97-.34-.97-1.09V6.25c0-.09-.08-.17-.17-.17h-2.14c-.09 0-.17.08-.17.17v5.11c0 2.2 1.23 2.75 2.92 2.75 1.39 0 2.52-.77 2.52-.77s.05.39.08.45c.02.05.09.09.16.09h1.34c.11 0 .17-.08.17-.17l.02-7.47c0-.09-.08-.17-.19-.17zm-23.7-.01h-2.13c-.09 0-.17.09-.17.2v7.34c0 .2.13.27.3.27h1.92c.2 0 .25-.09.25-.27V6.23c0-.09-.08-.17-.17-.17zm-1.05-3.38c-.77 0-1.38.61-1.38 1.38 0 .77.61 1.38 1.38 1.38.75 0 1.36-.61 1.36-1.38 0-.77-.61-1.38-1.36-1.38zm16.49-.25h-2.11c-.09 0-.17.08-.17.17v4.09h-3.31V2.6c0-.09-.08-.17-.17-.17h-2.13c-.09 0-.17.08-.17.17v11.11c0 .09.09.17.17.17h2.13c.09 0 .17-.08.17-.17V8.96h3.31l-.02 4.75c0 .09.08.17.17.17h2.13c.09 0 .17-.08.17-.17V2.6c0-.09-.08-.17-.17-.17zM8.81 7.35v5.74c0 .04-.01.11-.06.13 0 0-1.25.89-3.31.89-2.49 0-5.44-.78-5.44-5.92S2.58 1.99 5.1 2c2.18 0 3.06.49 3.2.58.04.05.06.09.06.14L7.94 4.5c0 .09-.09.2-.2.17-.36-.11-.9-.33-2.17-.33-1.47 0-3.05.42-3.05 3.73s1.5 3.7 2.58 3.7c.92 0 1.25-.11 1.25-.11v-2.3H4.88c-.11 0-.19-.08-.19-.17V7.35c0-.09.08-.17.19-.17h3.74c.11 0 .19.08.19.17z"> </path> </svg> </a> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-lg-0 pl-lg-4"> <h3 class="mb-3 text-mono text-gray-light text-normal">Product</h3> <ul class="list-style-none text-gray f5"> <li class="lh-condensed mb-3"><a href="https://github.com/features" data-ga-click="Footer, go to features, text:features" class="link-gray">Features</a> </li> <li class="lh-condensed mb-3"><a href="https://github.com/security" data-ga-click="Footer, go to security, text:security" class="link-gray">Security</a> </li> <li class="lh-condensed mb-3"><a href="https://github.com/features/copilot" data-ga-click="Footer, go to copilot, text:copilot" class="link-gray">Copilot</a></li> <li class="lh-condensed mb-3"><a href="https://github.com/enterprise" data-ga-click="Footer, go to enterprise, text:enterprise" class="link-gray">Enterprise</a></li> <li class="lh-condensed mb-3"><a href="https://github.com/case-studies?type=customers" data-ga-click="Footer, go to case studies, text:case studies" class="link-gray">Case Studies</a></li> <li class="lh-condensed mb-3"><a href="https://github.com/pricing" data-ga-click="Footer, go to pricing, text:pricing" class="link-gray">Pricing</a></li> <li class="lh-condensed mb-3"><a href="https://resources.github.com" data-ga-click="Footer, go to resources, text:resources" class="link-gray">Resources</a> </li> </ul> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4"> <h3 class="mb-3 text-mono text-gray-light text-normal">Platform</h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"><a href="https://docs.github.com/get-started/exploring-integrations/about-building-integrations" data-ga-click="Footer, go to api, text:api" class="link-gray">Developer API</a></li> <li class="lh-condensed mb-3"><a href="http://partner.github.com/" data-ga-click="Footer, go to partner, text:partner" class="link-gray">Partners</a></li> <li class="lh-condensed mb-3"><a href="https://github.com/edu" data-ga-click="Footer, go to education, text:education" class="link-gray">Education</a></li> <li class="lh-condensed mb-3"><a href="https://cli.github.com/" data-ga-click="Footer, go to cli, text:cli" class="link-gray">GitHub CLI</a> </li> <li class="lh-condensed mb-3"><a href="https://desktop.github.com/" data-ga-click="Footer, go to desktop, text:desktop" class="link-gray">GitHub Desktop</a> </li> </ul> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4"> <h3 class="mb-3 text-mono text-gray-light text-normal">Support</h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"><a href="https://docs.github.com" class="link-gray">GitHub Docs</a></li> <li class="lh-condensed mb-3"><a href="https://github.community" class="link-gray">Community Forum</a></li> <li class="lh-condensed mb-3"><a href="https://services.github.com/" class="link-gray">Training</a></li> <li class="lh-condensed mb-3"><a href="https://githubstatus.com/" class="link-gray">Status</a> </li> <li class="lh-condensed mb-3"><a href="https://support.github.com/contact" class="link-gray">Contact GitHub</a></li> </ul> </div> <div class="col-6 col-sm-3 col-lg-2 mb-6 mb-md-2 pr-3 pr-md-0 pl-md-4"> <h3 class="mb-3 text-mono text-gray-light text-normal">Company</h3> <ul class="list-style-none f5"> <li class="lh-condensed mb-3"><a href="https://github.com/about" class="link-gray">About</a> </li> <li class="lh-condensed mb-3"><a href="https://github.blog/" class="link-gray">Blog</a></li> <li class="lh-condensed mb-3"><a href="https://github.careers/" class="link-gray">Careers</a></li> <li class="lh-condensed mb-3"><a href="https://github.com/about/press" class="link-gray">Press</a></li> <li class="lh-condensed mb-3"><a href="https://shop.github.com" class="link-gray">Shop</a></li> </ul> </div> </div> </div> <div class="bg-gray-light"> <div class="container-xl px-3 px-md-6 f6 py-4 d-sm-flex flex-justify-between flex-row-reverse flex-items-center"> <ul class="list-style-none d-flex flex-items-center mb-3 mb-sm-0 lh-condensed-ultra"> <li class="mr-3"> <a href="https://twitter.com/github" title="GitHub on Twitter" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 273.5 222.3" class="d-block" height="18"> <path d="M273.5 26.3a109.77 109.77 0 0 1-32.2 8.8 56.07 56.07 0 0 0 24.7-31 113.39 113.39 0 0 1-35.7 13.6 56.1 56.1 0 0 0-97 38.4 54 54 0 0 0 1.5 12.8A159.68 159.68 0 0 1 19.1 10.3a56.12 56.12 0 0 0 17.4 74.9 56.06 56.06 0 0 1-25.4-7v.7a56.11 56.11 0 0 0 45 55 55.65 55.65 0 0 1-14.8 2 62.39 62.39 0 0 1-10.6-1 56.24 56.24 0 0 0 52.4 39 112.87 112.87 0 0 1-69.7 24 119 119 0 0 1-13.4-.8 158.83 158.83 0 0 0 86 25.2c103.2 0 159.6-85.5 159.6-159.6 0-2.4-.1-4.9-.2-7.3a114.25 114.25 0 0 0 28.1-29.1" fill="currentColor"></path> </svg> </a> </li> <li class="mr-3"> <a href="https://www.facebook.com/GitHub" title="GitHub on Facebook" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 15.3 15.4" class="d-block" height="18"> <path d="M14.5 0H.8a.88.88 0 0 0-.8.9v13.6a.88.88 0 0 0 .8.9h7.3v-6h-2V7.1h2V5.4a2.87 2.87 0 0 1 2.5-3.1h.5a10.87 10.87 0 0 1 1.8.1v2.1h-1.3c-1 0-1.1.5-1.1 1.1v1.5h2.3l-.3 2.3h-2v5.9h3.9a.88.88 0 0 0 .9-.8V.8a.86.86 0 0 0-.8-.8z" fill="currentColor"></path> </svg> </a> </li> <li class="mr-3"> <a href="https://www.youtube.com/github" title="GitHub on YouTube" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.17 13.6" class="d-block" height="16"> <path d="M18.77 2.13A2.4 2.4 0 0 0 17.09.42C15.59 0 9.58 0 9.58 0a57.55 57.55 0 0 0-7.5.4A2.49 2.49 0 0 0 .39 2.13 26.27 26.27 0 0 0 0 6.8a26.15 26.15 0 0 0 .39 4.67 2.43 2.43 0 0 0 1.69 1.71c1.52.42 7.5.42 7.5.42a57.69 57.69 0 0 0 7.51-.4 2.4 2.4 0 0 0 1.68-1.71 25.63 25.63 0 0 0 .4-4.67 24 24 0 0 0-.4-4.69zM7.67 9.71V3.89l5 2.91z" fill="currentColor"></path> </svg> </a> </li> <li class="mr-3 flex-self-start"> <a href="https://www.linkedin.com/company/github" title="GitHub on Linkedin" style="color: #959da5;"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19 18" class="d-block" height="18"> <path d="M3.94 2A2 2 0 1 1 2 0a2 2 0 0 1 1.94 2zM4 5.48H0V18h4zm6.32 0H6.34V18h3.94v-6.57c0-3.66 4.77-4 4.77 0V18H19v-7.93c0-6.17-7.06-5.94-8.72-2.91z" fill="currentColor"></path> </svg> </a> </li> <li> <a href="https://github.com/github" title="GitHub's organization" style="color: #959da5;"> <svg version="1.1" width="20" height="20" viewBox="0 0 16 16" class="octicon octicon-mark-github" aria-hidden="true"> <path fill-rule="evenodd" d="M8 0C3.58 0 0 3.58 0 8c0 3.54 2.29 6.53 5.47 7.59.4.07.55-.17.55-.38 0-.19-.01-.82-.01-1.49-2.01.37-2.53-.49-2.69-.94-.09-.23-.48-.94-.82-1.13-.28-.15-.68-.52-.01-.53.63-.01 1.08.58 1.23.82.72 1.21 1.87.87 2.33.66.07-.52.28-.87.51-1.07-1.78-.2-3.64-.89-3.64-3.95 0-.87.31-1.59.82-2.15-.08-.2-.36-1.02.08-2.12 0 0 .67-.21 2.2.82.64-.18 1.32-.27 2-.27.68 0 1.36.09 2 .27 1.53-1.04 2.2-.82 2.2-.82.44 1.1.16 1.92.08 2.12.51.56.82 1.27.82 2.15 0 3.07-1.87 3.75-3.65 3.95.29.25.54.73.54 1.48 0 1.07-.01 1.93-.01 2.2 0 .21.15.46.55.38A8.013 8.013 0 0016 8c0-4.42-3.58-8-8-8z"> </path> </svg> </a> </li> </ul> <ul class="list-style-none d-flex text-gray"> <li class="mr-3">&copy; <script type="text/javascript">document.write(new Date().getFullYear());</script> GitHub, Inc.</li> <li class="mr-3"><a href="https://docs.github.com/site-policy/github-terms/github-terms-of-service" class="link-gray">Terms </a></li> <li><a href="https://docs.github.com/site-policy/privacy-policies/github-privacy-statement" class="link-gray">Privacy </a></li> </ul> </div> </div> </div> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10