CodeQL 2.5.8 (2021-07-26)
This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.
Security Coverage
CodeQL 2.5.8 runs a total of 268 security queries when configured with the Default suite (covering 114 CWE). The Extended suite enables an additional 79 queries (covering 28 more CWE). 23 security queries have been added with this release.
CodeQL CLI
Potentially Breaking Changes
- The QL compiler now verifies that @security-severity query metadata is numeric. You can disable this verification by passing the --no-metadata-verification flag.
New Features
- The database index-files and database trace-command CLI commands now support --threads and --ram options, which are passed to extractors as suggestions.
- The database finalize CLI command now supports the --ram option, which controls memory usage for finalization.
- The database create CLI command now supports the --ram option, which controls memory usage for database creation.
- The generate query-help CLI command now supports rendering query help in SARIF format.