How can you limit the scope of CodeQL analysis to specific languages or paths?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

How can you limit the scope of CodeQL analysis to specific languages or paths?

Explanation:
Limiting CodeQL analysis scope is done by configuring the workflow to target only chosen languages and to exclude certain paths. The languages input of the github/codeql-action/init step tells CodeQL which language databases to build and analyze, so the scan covers only the languages actually present in the repository instead of spending time on others. Path exclusions, set with the paths and paths-ignore keys in a CodeQL configuration file (passed to the init step through its config-file input), tell CodeQL to skip files in those locations, such as generated code, vendored dependencies, or test fixtures, keeping results focused on the code you own and reducing runtime. Two caveats matter in practice. First, paths and paths-ignore apply to interpreted languages (JavaScript/TypeScript, Python, Ruby and similar); for a compiled language analyzed with a traced build, the set of files the build actually compiles determines what is analyzed, so scope there is controlled through the build command. Second, the paths and paths-ignore filters on the workflow trigger (under on: push or on: pull_request) only decide whether the workflow runs at all; they do not change which files CodeQL analyzes once it runs. This approach automates selective scanning and scales with project changes, unlike turning off CodeQL, scanning only the latest commit, or reviewing files manually, which either discard the benefits of analysis or undermine automation.
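The following is an added, worked example of the configuration described above; it is not taken from the page or from GitHub's own documentation. It shows a workflow that restricts the scan to two languages via a matrix and points the init step at a config file that narrows the analyzed paths. The repository layout (a src tree with a src/generated subfolder, Jest-style test files) is an assumed example layout, and the config file location is whatever you pass in config-file.

```yaml
# File: .github/workflows/codeql.yml (added example, assumed repository layout)
name: "CodeQL (scoped)"

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read          # checkout
      security-events: write  # upload SARIF results to code scanning
      actions: read           # needed for private repositories
    strategy:
      fail-fast: false
      matrix:
        # Only the languages actually present in this project are listed;
        # each entry becomes one CodeQL database and one analysis run.
        language: [ 'javascript-typescript', 'python' ]
    steps:
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          # Path scoping lives in the config file, not in the workflow trigger.
          config-file: ./.github/codeql/codeql-config.yml

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          # Distinct category per language so results are not overwritten.
          category: "/language:${{ matrix.language }}"

---
# File: .github/codeql/codeql-config.yml (added example, assumed paths)
name: "Scoped CodeQL config"

# Analyze only first-party source. Applies to the interpreted languages
# selected above; a compiled language would be scoped by its build instead.
paths:
  - src

# Skip generated code, vendored dependencies and test assets under src.
paths-ignore:
  - src/generated
  - '**/node_modules'
  - '**/__tests__/**'
  - '**/*.test.js'
  - '**/*.test.ts'
```

The two YAML documents above are separated with a document marker only so they can be shown together; they are two separate files in the repository. To confirm the filters took effect, compare the number of files reported in the "Finalizing database" step of the workflow log with and without the config file, or inspect the database's source archive; files under the ignored paths should be absent.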

