Learn how to install CodeQL on macOS, Linux, and Windows. Follow the step-by-step guide to set up this powerful SAST tool for your projects.
CodeQL is an open-source, powerful static analysis engine that helps developers identify vulnerabilities and bugs in their code. This guide will walk you through installing CodeQL on macOS, Linux, and Windows systems.
You have two options for installing CodeQL on macOS:
The simplest way to install CodeQL on macOS is by using Homebrew:
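brew install codeql
Alternatively, install manually: after unzipping the CodeQL archive in your Downloads folder, move the codeql folder into /usr/local/:
sudo mv ~/Downloads/codeql /usr/local/
3. Add CodeQL to your PATH.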
echo 'export PATH="/usr/local/codeql:$PATH"' >> ~/.zshrc
source ~/.zshrc
Note: To uninstall CodeQL, simply remove the directory and the PATH entry:
sudo rm -rf /usr/local/codeql
Note: After unzipping the CodeQL archive, you’ll see a folder named codeql that contains the actual codeql executable plus supporting files. Some people prefer to move just the codeql executable into /usr/local/bin so it’s immediately in the PATH. If you move the entire codeql folder (for example, to /usr/local/codeql), you’ll need to update your PATH to include /usr/local/codeql/ (as discussed above).
Follow these steps to install CodeQL on a Linux machine:
cd ~
wget https://github.com/github/codeql-cli-binaries/releases/download/v2.15.5/codeql-linux64.zip
unzip codeql-linux64.zip
2. Move CodeQL to the appropriate location:
sudo mv codeql /opt/
3. Add to your PATH:
echo 'export PATH="/opt/codeql:$PATH"' >> ~/.bashrc
source ~/.bashrc
4. Once done, verify the installation:
codeql --version
Installation on Windows requires a few PowerShell commands:
cd C:\codeql
2. Download and extract CodeQL:
$version = "2.15.5"
Invoke-WebRequest -Uri "https://github.com/github/codeql-cli-binaries/releases/download/v$version/codeql-win64.zip" -OutFile "codeql.zip"
Expand-Archive -Path codeql.zip -DestinationPath . -Force
3. Add CodeQL to your system PATH:
$oldPath = [Environment]::GetEnvironmentVariable('Path', 'Machine')
$newPath = $oldPath + ';C:\codeql\codeql'
[Environment]::SetEnvironmentVariable('Path', $newPath, 'Machine')
Important: When modifying the system-wide Path environment variable on Windows, you need to run PowerShell as Administrator.
After installing CodeQL on any platform, verify the installation by running:
codeql --version
CodeQL is a versatile tool that can be installed on any major operating system. Whether you’re using macOS, Linux, or Windows, the installation process is straightforward and can be completed in just a few minutes. Once installed, you can verify your setup by running codeql --version in your terminal.
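The Linux steps above unzip and run a downloaded archive without checking it, and re-running the echo line appends a duplicate PATH entry each time. The script below is an added example, not part of the original guide: it checks the archive's SHA-256 before unzipping and writes the PATH line to ~/.bashrc only once. The function names and the EXPECTED_SHA256 placeholder are assumptions; fill in the digest from a source you trust.

```shell
#!/bin/sh
# Added example (not from the original guide): the Linux steps with an
# integrity check before unzip and a repeat-safe PATH edit.
VERSION="2.15.5"   # release used in the guide
ZIP="codeql-linux64.zip"
URL="https://github.com/github/codeql-cli-binaries/releases/download/v${VERSION}/${ZIP}"
# Placeholder (assumption): replace with the digest from a source you trust.
EXPECTED_SHA256="<sha256-of-codeql-linux64.zip>"

# Succeed only if the file exists and its SHA-256 equals the expected hex digest.
verify_sha256() {
    [ -f "$1" ] || return 1
    _actual="$(sha256sum < "$1" | cut -d' ' -f1)"
    # Published digests are sometimes upper case; normalise before comparing.
    _expected="$(printf '%s' "$2" | tr 'A-F' 'a-f')"
    [ "$_actual" = "$_expected" ]
}

# Append the PATH export to an rc file unless that exact line is already present.
add_path_once() {
    _line="export PATH=\"$2:\$PATH\""
    touch "$1"
    grep -qxF -- "$_line" "$1" || printf '%s\n' "$_line" >> "$1"
}

# Download, verify, extract to /opt, update PATH, then confirm the binary runs.
install_codeql() {
    cd "$HOME" || return 1
    wget -O "$ZIP" "$URL" || return 1
    if ! verify_sha256 "$ZIP" "$EXPECTED_SHA256"; then
        echo "checksum mismatch for $ZIP, not installing" >&2
        rm -f "$ZIP"
        return 1
    fi
    unzip -q "$ZIP" && sudo mv codeql /opt/ || return 1
    add_path_once "$HOME/.bashrc" "/opt/codeql"
    /opt/codeql/codeql --version
}

# Nothing is downloaded unless the script is called as: sh install-codeql.sh install
if [ "${1:-}" = "install" ]; then install_codeql; fi
```

With the placeholder left unchanged the checksum never matches, so the archive is deleted and nothing is installed.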