codeql ☆

« Back to VersTracker

Description:
Semantic code analysis engine

Type: Cask | Latest Version: 2.24.1@0 | Tracked Since: Dec 17, 2025

Links: Homepage | @github | formulae.brew.sh

Category: Security

Tags: security static-analysis code-scanning developer-tools vulnerability-detection

Install: brew install --cask codeql

About:
CodeQL is a powerful semantic code analysis engine that treats code as data, enabling developers to query and find vulnerabilities across codebases. It powers GitHub Advanced Security's code scanning and allows for custom queries to identify complex security flaws and bugs. This tool is essential for automating deep code inspection to proactively improve software security.

Key Features:

Semantic code analysis engine that treats code as data
Powers GitHub Advanced Security code scanning
Supports custom query writing in QL language
Identifies vulnerabilities, bugs, and logic errors
Integrates with CI/CD pipelines for automated scanning

Use Cases:

Automated security vulnerability detection in CI/CD pipelines
Deep codebase auditing for compliance and security standards
Developing custom static analysis rules for specific code patterns

Alternatives:

SonarQube – SonarQube provides broader code quality metrics and rules, while CodeQL focuses specifically on semantic analysis and security vulnerabilities through data flow analysis.

Version History

Detected	Version	Change	Commit
Feb 5, 2026 6:49pm	2.24.1	VERSION_BUMP	11b4ffa4
Jan 26, 2026 12:57pm	2.24.0	VERSION_BUMP	632ecf8c
Jan 9, 2026 6:52pm	2.23.9	VERSION_BUMP	035cf34f
Aug 23, 2025 12:08pm	2.22.4	VERSION_BUMP	c8832069
Aug 6, 2025 9:51pm	2.22.3	VERSION_BUMP	37e5cbf1
Jul 29, 2025 6:47pm	2.22.2	VERSION_BUMP	ee3f93e6
Aug 13, 2024 3:36pm	2.18.2	VERSION_BUMP	34993cc4
Jul 25, 2024 6:36pm	2.18.1	VERSION_BUMP	9492e751
Jul 11, 2024 9:38am	2.18.0	VERSION_BUMP	64d3774d
Jun 30, 2024 11:17am	2.17.6	VERSION_BUMP	fa5cb04d
Jun 28, 2024 9:41am	2.17.6	VERSION_BUMP	027460b4