CodeQL

CodeQL is a semantic code analysis engine that treats programs as queryable databases, enabling users to write expressive queries that identify security vulnerabilities, logic bugs, and code quality issues across large codebases. Instead of just pattern matching text, CodeQL ingests source code, builds rich representations of structure and data flow, and allows queries that reason about control flow, type systems, and interprocedural relationships. This makes it powerful not just for basic linting but for deep detection of complex security flaws like SQL injection, cross-site scripting, and taint propagation that traditional static analyzers can miss. CodeQL is used by security teams, developers, and open-source tooling to create reusable query libraries, enforce policy across repositories, and automate findings in CI/CD pipelines.

Features

Semantic code analysis via queryable code databases
Detects complex security vulnerabilities and logic bugs
Multi-language support with extensible schemas
Integrates into CI/CD for automated scanning
Custom query library creation for domain-specific rules
Designed to reduce false positives and shift security left

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow CodeQL

CodeQL Web Site

Other Useful Business Software

IT Asset Management (ITAM) Software

Supercharge Your IT Assets, the Easy Way

EZO AssetSonar is a comprehensive IT asset management platform that provides real-time visibility into your entire digital infrastructure. Track and optimize hardware, software, and license management to reduce risks, control IT spend, and improve compliance.

Learn More

Rate This Project

User Reviews

Be the first to post a review of CodeQL!

Additional Project Details

Programming Language

Related Categories

C# Libraries

Registered

2026-01-23

Similar Business Software

Webix

JavaScript UI library and framework for speeding up web development. JS Framework for cross-platform web Apps development 102 UI widgets and feature-rich CSS / HTML5 JavaScript controls. Save at least 3000+ development hours by using ready-made widgets and UI controls. Develop Web UI 30% faster....

See Software
Dexie

Dexie.js is a minimalistic and bulletproof IndexedDB wrapper library designed to simplify client-side storage. At only ~29k minified and gzipped, it offers a concise API that addresses the complexities of native IndexedDB, such as ambivalent error handling, poor queries, lack of reactivity, and...

See Software
React

React makes it painless to create interactive UIs. Design simple views for each state in your application, and React will efficiently update and render just the right components when your data changes. Declarative views make your code more predictable and easier to debug. Build encapsulated...

See Software
Kendo UI

Kendo UI is the ultimate collection of JavaScript UI components with libraries for jQuery, Angular, React, and Vue. Quickly build eye-catching, high-performance, responsive web applications—regardless of your JavaScript framework choice. Easily add advanced JavaScript components into your...

See Software
WinJS

Microsoft is committed to making sure that WinJS continues to run for existing customers. At this time we don't have plans to invest in new features or feature requests. Bug fixes will be limited to correcting substantial issues that are blocking customer deployments. We may also consider bug...

See Software
DHTMLX

DHTMLX is a JavaScript UI library that provides a set of highly customizable and flexible components for building modern and responsive web applications. The library includes more than 30 UI components, such as Gantt, Scheduler, Kanban, diagrams, charts, grids, spreadsheets, calendars, trees,...

See Software