Skip to main content
GitHub Docs
Search or ask Copilot
Select language: current language is English
Search or ask Copilot
Open menu
Open Sidebar
  • Security and code quality/
  • CodeQL CLI/
  • Advanced functionality/
  • Advanced setup of the CodeQL CLI
Home

Security and code quality

    • GitHub security features
    • Dependabot quickstart
    • Secure repository quickstart
    • Add a security policy
    • Audit security alerts
    • Prevent data leaks
    • GitHub secret types
    • Plan GHAS trial
    • Trial Advanced Security
    • Enable security features in trial
    • Trial Secret Protection
    • Trial Code Security
    • Introduction
    • 1. Align on strategy
    • 2. Preparation
    • 3. Pilot programs
    • 4. Create internal documentation
    • 5. Rollout code scanning
    • 6. Rollout secret scanning
      • About organization security
      • Create custom configuration
      • Apply custom configuration
      • Configure global settings
      • Give access to private registries
      • Interpret security data
      • Filter repositories
      • Edit custom configuration
      • Manage paid GHAS use
      • Detach security configuration
      • Find attachment failures
      • Delete custom configuration
      • Secret risk assessment
      • Assess your secret risk
      • View risk report
      • Export risk report CSV
      • Risk report CSV contents
      • Interpret results
      • Secret protection
      • Push protection cost savings
      • Secret protection pricing
      • Active advanced setup
      • Unexpected default setup
      • Not enough GHAS licenses
      • Feature disappears
      • Secret scanning
      • Push protection
      • Supported patterns
      • Enable secret scanning
      • Enable push protection
      • About alerts
      • View alerts
      • Evaluate alerts
      • Resolve alerts
      • Monitor alerts
      • Remediate a leaked secret
      • Push protection on the command line
      • Push protection from the REST API
      • Push protection in the GitHub UI
      • Exclude folders and files
        • Enable for non-provider patterns
        • Define custom patterns
        • Manage custom patterns
        • Custom pattern metrics
        • About delegated bypass
        • Enable delegated bypass
        • Manage bypass requests
      • Delegated alert dismissal
      • Troubleshoot secret scanning
      • About code scanning
      • About CodeQL code scanning
      • Configure code scanning
      • Evaluate code scanning
      • Code scanning at scale
      • Configure advanced setup
      • Customize advanced setup
      • CodeQL for compiled languages
      • CodeQL advanced setup at scale
      • Hardware resources for CodeQL
      • Code scanning in a container
      • About code scanning alerts
      • Assess alerts
      • Resolve alerts
      • Triage alerts in pull requests
      • Code scanning tool status
      • Edit default setup
      • Set merge protection
      • Enable delegated alert dismissal
      • CodeQL query suites
      • View code scanning logs
      • Actions CodeQL queries
      • C and C++ CodeQL queries
      • C# CodeQL queries
      • GitHub Actions queries
      • Go CodeQL queries
      • Java and Kotlin CodeQL queries
      • JavaScript and TypeScript queries
      • Python CodeQL queries
      • Ruby CodeQL queries
      • Rust CodeQL queries
      • Swift CodeQL queries
      • About integration
      • Using code scanning with your existing CI system
      • Upload a SARIF file
      • SARIF support
      • Code Security must be enabled
      • Alerts in generated code
      • Analysis takes too long
      • Automatic build failed
      • C# compiler failing
      • Cannot enable CodeQL in a private repository
      • Enabling default setup takes too long
      • Extraction errors in the database
      • Fewer lines scanned than expected
      • Logs not detailed enough
      • No source code seen during build
      • Not recognized
      • Out of disk or memory
      • Results different than expected
      • Some languages not analyzed
      • Two CodeQL workflows
      • Unclear what triggered a workflow
      • Unnecessary step found
      • Kotlin detected in no build
      • GitHub Code Security disabled
      • Default setup is enabled
      • GitHub token missing
      • SARIF file invalid
      • Results file too large
      • Results exceed limits
      • About the CodeQL CLI
      • Setting up the CodeQL CLI
      • Preparing code for analysis
      • Analyzing code
      • Uploading results to GitHub
      • Customizing analysis
      • Advanced setup of the CodeQL CLI
      • About CodeQL workspaces
      • Using custom queries with the CodeQL CLI