3b092b4cb8
* Update enterprise-server-releases.js * Run deprecation script * Remove finding / managing security vulnerabilities * remove vuln from translations * remove more dead pages * Restore heavily used files * Remove 2.22 refs in tests * Update working-with-the-npm-registry.md
2.7 KiB
When you use {% data variables.product.prodname_codeql %} to scan code, the {% data variables.product.prodname_codeql %} analysis engine generates a database from the code and runs queries on it. {% data variables.product.prodname_codeql %} analysis uses a default set of queries, but you can specify more queries to run, in addition to the default queries.
{% if codeql-packs %} You can run extra queries if they are part of a {% data variables.product.prodname_codeql %} pack (beta) published to the {% data variables.product.company_short %} {% data variables.product.prodname_container_registry %} or a {% data variables.product.prodname_ql %} pack stored in a repository. For more information, see "About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}."
The options available to specify the additional queries you want to run are:
packsto install one or more {% data variables.product.prodname_codeql %} query packs (beta) and run the default query suite or queries for those packs.queriesto specify a single .ql file, a directory containing multiple .ql files, a .qls query suite definition file, or any combination. For more information about query suite definitions, see "Creating {% data variables.product.prodname_codeql %} query suites."
You can use both packs and queries in the same workflow.
{% else %}
Any additional queries you want to run must belong to a {% data variables.product.prodname_ql %} pack in a repository. For more information, see "About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}."
You can specify a single .ql file, a directory containing multiple .ql files, a .qls query suite definition file, or any combination. For more information about query suite definitions, see "Creating {% data variables.product.prodname_codeql %} query suites." {% endif %}
{% ifversion fpt or ghec %}We don't recommend referencing query suites directly from the github/codeql repository, like github/codeql/cpp/ql/src@main. Such queries may not be compiled with the same version of {% data variables.product.prodname_codeql %} as used for your other queries, which could lead to errors during analysis.{% endif %}