{"meta":{"title":"Concepts for CodeQL","intro":"Understand the core concepts behind CodeQL and how it helps you find vulnerabilities and errors in your code.","product":"Security and code quality","breadcrumbs":[{"href":"/en/code-security","title":"Security and code quality"},{"href":"/en/code-security/concepts","title":"Concepts"},{"href":"/en/code-security/concepts/code-scanning","title":"Code scanning"},{"href":"/en/code-security/concepts/code-scanning/codeql","title":"CodeQL"}],"documentType":"subcategory"},"body":"# Concepts for CodeQL\n\nUnderstand the core concepts behind CodeQL and how it helps you find vulnerabilities and errors in your code.\n\n## Links\n\n* [About code scanning with CodeQL](/en/code-security/concepts/code-scanning/codeql/about-code-scanning-with-codeql)\n\n  You can use CodeQL to identify vulnerabilities and errors in your code. The results are shown as code scanning alerts in GitHub.\n\n* [About CodeQL code scanning for compiled languages](/en/code-security/concepts/code-scanning/codeql/about-codeql-code-scanning-for-compiled-languages)\n\n  Understand how CodeQL analyzes compiled languages, the build options available, and learn how you can customize the database generation process if you need to.\n\n* [CodeQL query suites](/en/code-security/concepts/code-scanning/codeql/codeql-query-suites)\n\n  You can choose from different built-in CodeQL query suites to use in your CodeQL code scanning setup.\n\n* [Custom CodeQL queries](/en/code-security/concepts/code-scanning/codeql/custom-codeql-queries)\n\n  Custom queries extend CodeQL's built-in security analysis to detect vulnerabilities and enforce coding standards specific to your codebase.\n\n* [About the CodeQL CLI](/en/code-security/concepts/code-scanning/codeql/about-the-codeql-cli)\n\n  You can use the CodeQL CLI to run CodeQL processes locally on software projects or to generate code scanning results for upload to GitHub.\n\n* [About CodeQL for VS Code](/en/code-security/concepts/code-scanning/codeql/about-codeql-for-vs-code)\n\n  You can write, run, and test CodeQL queries inside Visual Studio Code with the CodeQL extension.\n\n* [About CodeQL workspaces](/en/code-security/concepts/code-scanning/codeql/about-codeql-workspaces)\n\n  CodeQL workspaces let you develop and maintain multiple related CodeQL packs together, resolving dependencies between them directly from source.\n\n* [Query reference files](/en/code-security/concepts/code-scanning/codeql/query-reference-files)\n\n  You can use query reference files to define the location of a query you want to run in tests.\n\n* [CodeQL query packs](/en/code-security/concepts/code-scanning/codeql/codeql-query-packs)\n\n  You can choose from different built-in CodeQL query suites to use in your CodeQL code scanning setup."}