title: Specifying command options in a CodeQL configuration file
shortTitle: Specify command options in a CodeQL configuration file
intro: Save time by adding your frequently used command options and custom {% data variables.product.prodname_codeql %} packs to a {% data variables.product.prodname_codeql %} configuration file.
product: {% data reusables.gated-features.codeql %}
versions:
  fpt: *
  ghes: *
  ghec: *
redirect_from:
  - /code-security/codeql-cli/specifying-command-options-in-a-codeql-configuration-file
  - /code-security/codeql-cli/using-the-codeql-cli/specifying-command-options-in-a-codeql-configuration-file
  - /code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/specifying-command-options-in-a-codeql-configuration-file
  - /code-security/how-tos/scan-code-for-vulnerabilities/scan-from-the-command-line/specifying-command-options-in-a-codeql-configuration-file
contentType: how-tos
category:
  - Customize vulnerability detection with CodeQL

Using a {% data variables.product.prodname_codeql %} configuration file

  1. Create and save a config file under your home (Linux and macOS) or user profile (Windows) directory in the .config/codeql/ subdirectory. For example, $HOME/.config/codeql/config.

  2. In the config file, specify the options you want to apply to your {% data variables.product.prodname_codeql %} commands. The syntax for specifying options is as follows:

    <command> <subcommand> <option> <value>

  3. To apply the same options to more than one command, you can:

    • Omit <subcommand>, which will specify the option for every relevant <subcommand>
    • Omit both <command> and <subcommand>, which will specify the option globally for every relevant <command> and <subcommand>

Note

  • Config files only accept spaces, not =, between option flags and values.
  • Specifying an option on the command line overrides any config value defined for that option.
  • To specify more than one option for a <command>, <subcommand>, or globally, use one line per option.

Examples

  • To output all analysis results generated by codeql database analyze in CSV format, you would specify:

    database analyze --format csv

    Here, you have to specify the command and subcommand to prevent any of the low-level commands that are executed during database analyze from being passed the same --format option.

  • To define the RAM (4096 MB) and number of threads (4) to use when running {% data variables.product.prodname_codeql %} commands, specify the following, on separate lines:

    --ram 4096
    --threads 4

  • To globally specify a directory for {% data variables.product.prodname_codeql %} to scan for {% data variables.product.prodname_codeql %} packs (which is not a sibling of the installation directory), use:

    --search-path <path-to-directory>
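
The syntax rules above (scope set by omitting `<command>` or `<subcommand>`, one option per line, spaces rather than `=`) can be checked before a config file quietly changes every scan, including which directories are searched for packs. The lint below is an added example, not part of the original documentation or the CodeQL project; `parse_config`, `applies_to`, the sample path and plain whitespace tokenisation are assumptions made for illustration.

```python
from typing import NamedTuple, Optional

# Constructed sample config; line 2 breaks the "spaces, not =" rule.
SAMPLE_CONFIG = """\
database analyze --format csv
--ram=4096
--threads 4
database --search-path /opt/example-packs
"""

class Entry(NamedTuple):
    lineno: int
    command: Optional[str]      # None: applies to every command
    subcommand: Optional[str]   # None: applies to every subcommand
    option: str
    value: str

def parse_config(text):
    """Return (entries, problems) for config text, one option per line."""
    entries, problems = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        tokens = line.split()   # assumption: plain whitespace tokenisation
        if not tokens:
            continue
        # Up to two leading non-dash tokens are <command> and <subcommand>.
        scope = []
        while tokens and not tokens[0].startswith("-") and len(scope) < 2:
            scope.append(tokens.pop(0))
        if not tokens or not tokens[0].startswith("-"):
            problems.append((lineno, "no option flag found"))
            continue
        option, value = tokens[0], " ".join(tokens[1:])
        if "=" in option:
            problems.append((lineno, option.split("=", 1)[0] + ": use a space, not '='"))
            continue
        command, subcommand = (scope + [None, None])[:2]
        entries.append(Entry(lineno, command, subcommand, option, value))
    return entries, problems

def applies_to(entry, command, subcommand):
    """True if the entry's scope covers the command (option relevance is not checked)."""
    return (entry.command in (None, command)
            and entry.subcommand in (None, subcommand))

if __name__ == "__main__":
    entries, problems = parse_config(SAMPLE_CONFIG)
    print(problems)
    print([e for e in entries if applies_to(e, "database", "analyze")])
```

Run against the sample, the lint reports the `--ram=4096` line and shows that the command-scoped `--search-path` entry reaches `database analyze` as well as every other `database` subcommand.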