Code scanning with GitHub CodeQL

DevOps Engineer

Learn how to use CodeQL, a powerful static analysis tool, to implement code scanning on GitHub.

Learning objectives

By the end of this module, you'll be able to:

  • Understand CodeQL and how it analyzes code.
  • Understand QL, a unique logic programming language.
  • Set up CodeQL based code scanning in a GitHub repository.
  • Reference a custom CodeQL query.
  • Configure the language matrix in a CodeQL workflow.
  • Learn how to use the CodeQL CLI to generate code scanning results and upload them to GitHub.
  • Implement custom build steps.


  • A GitHub enterprise account with a GitHub Advanced Security license
  • Necessary permissions to administrate your repository
  • Knowledge of GitHub Advanced Security's code scanning feature
  • Knowledge of GitHub Actions