I'd like to enable users of my service to write and execute CodeQL queries. I don't want to offload their execution to GitHub's / Semmle's servers. It's unclear whether this is doable, or whether I'd run into licensing issues.
In the security lab, it says "CodeQL is free for research and open source". I do want for the queries––which users write––to be open source. I don't, however, want for their execution to done by an external service.
Any thoughts would be greatly appreciated. Thank you!
The full CodeQL license terms are available here. The license states (emphasis added):
What you are considering is explicitly disallowed by the license.
If you'd like to explore options, I'd suggest reaching out to the GitHub Security Lab directly.