| title | shortTitle | intro | product | versions | topics | redirect_from |
|---|---|---|---|---|---|---|
| About CodeQL code scanning in your CI system | Code scanning in your CI | You can analyze your code with {% data variables.product.prodname_codeql %} in a third-party continuous integration system and upload the results to {% data variables.product.product_location %}. The resulting {% data variables.product.prodname_code_scanning %} alerts are shown alongside any alerts generated within {% data variables.product.product_name %}. | {% data reusables.gated-features.code-scanning %} | | | |
{% data reusables.code-scanning.beta %} {% data reusables.code-scanning.enterprise-enable-code-scanning %}
About {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} in your CI system
{% data reusables.code-scanning.about-code-scanning %} For more information, see "About {% data variables.product.prodname_code_scanning %} with {% data variables.product.prodname_codeql %}."
{% data reusables.code-scanning.codeql-context-for-actions-and-third-party-tools %}
{% ifversion fpt or ghes > 3.1 or ghae or ghec %}
{% data reusables.code-scanning.codeql-cli-context-for-third-party-tools %}
{% ifversion fpt or ghes > 3.4 or ghae-issue-6251 or ghec %} {% data reusables.code-scanning.about-analysis-origins-link %} {% endif %}
{% data reusables.code-scanning.upload-sarif-ghas %}
About the {% data variables.product.prodname_codeql_cli %}
{% data reusables.code-scanning.what-is-codeql-cli %}
Use the {% data variables.product.prodname_codeql_cli %} to analyze:
- Dynamic languages, for example, JavaScript and Python.
- Compiled languages, for example, C/C++, C# and Java.
- Codebases written in a mixture of languages.
For more information, see "Installing {% data variables.product.prodname_codeql_cli %} in your CI system."
{% data reusables.code-scanning.licensing-note %}
{% ifversion ghes = 3.2 %}
Since version 2.6.3, the {% data variables.product.prodname_codeql_cli %} has had full feature parity with the {% data variables.product.prodname_codeql_runner %}.
{% data reusables.code-scanning.deprecation-codeql-runner %}
{% endif %}
{% endif %}
{% ifversion ghes < 3.2 %} You add the {% data variables.product.prodname_codeql_cli %} or the {% data variables.product.prodname_codeql_runner %} to your third-party system, then call the tool to analyze code and upload the SARIF results to {% data variables.product.product_name %}. The resulting {% data variables.product.prodname_code_scanning %} alerts are shown alongside any alerts generated within {% data variables.product.product_name %}.
{% data variables.product.prodname_codeql_cli %} version 2.6.3 is available now for {% data variables.product.prodname_ghe_server %} 3.0 and later versions. For more information on migrating to the {% data variables.product.prodname_codeql_cli %}, see "Migrating from the CodeQL runner to CodeQL CLI."
{% data reusables.code-scanning.upload-sarif-ghas %}
Comparing {% data variables.product.prodname_codeql_cli %} and {% data variables.product.prodname_codeql_runner %}
{% data reusables.code-scanning.what-is-codeql-cli %}
The {% data variables.product.prodname_codeql_runner %} is a deprecated command-line tool that uses the {% data variables.product.prodname_codeql_cli %} to analyze code and upload the results to {% data variables.product.product_name %}. The tool mimics the analysis run natively within {% data variables.product.product_name %} using actions.
{% data variables.product.prodname_codeql_cli %} 2.6.3 is a complete replacement for the runner with full feature parity. Generally, it is better to use the {% data variables.product.prodname_codeql_cli %} directly.
For more information, see "Installing {% data variables.product.prodname_codeql_cli %} in your CI system."
{% data reusables.code-scanning.deprecation-codeql-runner %}
For more information about the {% data variables.product.prodname_codeql_runner %}, see "Running {% data variables.product.prodname_codeql_runner %} in your CI system."
{% endif %}
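
The sequence this article describes (analyze the code in the CI job, then upload the SARIF results) is sketched below as an added example; it is not part of the original documentation. The repository, ref, commit and language are placeholders, `run`, `codeql_scan` and `DRY_RUN` are names invented here, and the query suite name assumes the CodeQL bundle is installed on the CI runner.

```shell
#!/bin/sh
# Added example. Placeholders: repository, ref, commit, language.
# run(), codeql_scan() and DRY_RUN are names invented for this sketch.

# Print the command when DRY_RUN=1 (the default), otherwise execute it.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# codeql_scan <owner/repo> <git ref> <commit sha> <language>
codeql_scan() {
  cs_repo="$1"; cs_ref="$2"; cs_commit="$3"; cs_lang="$4"
  cs_db="codeql-db-$cs_lang"
  cs_sarif="results-$cs_lang.sarif"

  # Fail before doing any work if a real run has no upload credential.
  if [ "${DRY_RUN:-1}" != "1" ] && [ -z "${GITHUB_TOKEN:-}" ]; then
    echo "GITHUB_TOKEN is not set" >&2
    return 1
  fi

  # 1. Extract the checked-out source into a CodeQL database.
  #    Compiled languages also need the build, e.g. --command='make'.
  run codeql database create "$cs_db" \
      --language="$cs_lang" --source-root=. || return 1

  # 2. Run the code scanning suite and write SARIF. The category keeps
  #    results for different languages apart after upload.
  run codeql database analyze "$cs_db" "${cs_lang}-code-scanning.qls" \
      --format=sarif-latest --sarif-category="$cs_lang" \
      --output="$cs_sarif" || return 1

  # 3. Upload. The token goes in on stdin, so it never appears in the
  #    process list or in a CI log that echoes command lines.
  printf '%s' "${GITHUB_TOKEN:-}" | run codeql github upload-results \
      --repository="$cs_repo" --ref="$cs_ref" --commit="$cs_commit" \
      --sarif="$cs_sarif" --github-auth-stdin
}
```

Call `codeql_scan` from the CI job after checkout with `DRY_RUN=0` and the token supplied from the CI system's secret store.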