Scan from VS Code

Scan and analyze code from Visual Studio Code using CodeQL to write, test, and run queries, explore code structure, and manage databases and packs.

Installing CodeQL for Visual Studio Code

To get started with CodeQL for Visual Studio Code, you need to install and set up the extension.

Managing CodeQL databases

You can work with CodeQL databases using the extension.

Running CodeQL queries

You can run queries on CodeQL databases and view the results in Visual Studio Code.

Exploring data flow with path queries

You can run CodeQL queries in Visual Studio Code to help you track the flow of data through a program, highlighting areas that are potential security vulnerabilities.

Using the CodeQL model editor

You can view, write, and edit CodeQL model packs in Visual Studio Code.

Creating a custom query

You can work from a template to write your own code to create a custom query to analyze a specific language.

Managing CodeQL query packs and library packs

You can view, write, and edit CodeQL query and library packs in Visual Studio Code using the CodeQL extension.

Exploring the structure of your source code

You can use the AST viewer to display the abstract syntax tree of a CodeQL database.

Testing CodeQL queries in Visual Studio Code

You can run unit tests for CodeQL queries using the Visual Studio Code extension.

Customizing settings

You can edit the settings for the CodeQL for Visual Studio Code extension to suit your needs.

Setting up a CodeQL workspace

When you're working with CodeQL, you need access to the standard libraries and queries.

Configuring access to the CodeQL CLI

The CodeQL for Visual Studio Code extension uses the CodeQL CLI to compile and run queries.