CodeQL

codeql · v2.25.3

8.0

Semantic code analysis engine

Developer Tools Homepage →

brew install --cask codeql

Compare with: vs. Codex vs. Microsoft Visual Studio Code vs. Codex vs. OpenCode

572

30-day installs

1.5K

90-day installs

4.2K

365-day installs

Install trend

Trust Score 5/10

✗ Open source (NOASSERTION) +0

✓ Active development +2

✓ Licensed +1

✗ No auto-updates +0

✓ Not deprecated +1

✓ Established (>1yr) +1

✗ Low installs +0

Version History

v2.25.3

4d ago2.25.2→2.25.3

20d ago2.25.1→2.25.2

1mo ago2.25.0→2.25.1

1mo ago2.24.3→2.25.0

Review

Mar 10, 2026

CodeQL is a powerful semantic code analysis engine designed for developers to identify security vulnerabilities and improve code quality. It supports multiple programming languages and integrates with various development workflows, making it an essential tool for software engineers focused on robust and secure coding practices.

CodeQL analyzes source code to detect security vulnerabilities and code quality issues.

Maturity: The project is mature with significant community engagement, though some compatibility issues remain.

Community: CodeQL has generated substantial discussion on Hacker News, particularly around security incidents and its application in various programming contexts.