What is a CodeQL query pack, and how is it used in Code Scanning?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

What is a CodeQL query pack, and how is it used in Code Scanning?

Explanation:
CodeQL query packs are packaged groups of reusable CodeQL queries and related resources built for a specific language or domain. They let you share and reuse curated analyses across projects, so organizations can enforce the security checks they care about. In Code Scanning, packs are brought into the scan by the CodeQL analyzer: you fetch and install packs from the CodeQL packs registry, and the scanner runs the queries contained in those packs alongside the default analyses. This modular approach makes it easy to tailor scanning to your environment, version and maintain analyses independently, and apply consistent checks across your codebase. A pack includes multiple queries, metadata, tests, and dependencies rather than just a single query, and it’s not a runtime module or a container image containing the entire codebase.

