Contents
This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.
Security Coverage¶CodeQL 2.9.4 runs a total of 335 security queries when configured with the Default suite (covering 142 CWE). The Extended suite enables an additional 104 queries (covering 30 more CWE).
CodeQL CLI¶ New Features¶Users of CodeQL Packaging Beta can now optionally authenticate to Container registries on GitHub Enterprise Server (GHES) versions 3.6 and later using standard input instead of the CODEQL_REGISTRIES_AUTH environment variable. To authenticate via standard input, pass --registries-auth-stdin. The value you provide will override the value of the CODEQL_REGISTRIES_AUTH environment variable.
Calls to Zip::File.open and Zip::File.new have been added as FileSystemAccess sinks. As a result queries like rb/path-injection now flag up cases where users may access arbitrary archive files.
An isBraced predicate was added to the Initializer class which holds when a C++ braced initializer was used in the initialization.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4