
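This version of GitHub Enterprise Server will be discontinued on 2026-04-09. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.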

Find and fix code vulnerabilities

Identify vulnerabilities in your code by configuring and managing code scanning.

Configure code scanning

Configure code scanning for your repositories by choosing between default or advanced setup and customizing advanced settings as needed.

Manage your configuration

Manage and refine your code scanning configuration by monitoring tool status, updating default setup settings, and enforcing protections as your needs evolve.

Scan from the command line

Run code scanning from the command line using the CodeQL CLI to configure scans, customize queries, and troubleshoot results.

Scan from VS Code

Scan and analyze code from Visual Studio Code using CodeQL to write, test, and run queries, explore code structure, and manage databases and packs.

Integrate with existing tools

Integrate code scanning with your existing tools and workflows by running scans in your CI system or uploading results to GitHub using Static Analysis Results Interchange Format (SARIF).