CodeQL 2.5.7 (2021-07-02)
This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.
Security Coverage
CodeQL 2.5.7 runs a total of 268 security queries when configured with the Default suite (covering 114 CWE). The Extended suite enables an additional 56 queries (covering 28 more CWE). One security query has been added with this release.
CodeQL CLI
New Features
- `codeql database create` and `codeql database init` can now automatically recognise the languages present in checkouts of GitHub repositories by making an API call to the GitHub server. This requires a personal access token (PAT) to either be set in the `GITHUB_TOKEN` environment variable, or passed on stdin with the `--github-auth-stdin` argument.
- Operations that make outgoing HTTP calls (that is, `codeql github upload-results` and the language-detection feature described above) now support the use of HTTP proxies. To use a proxy, set an `$https_proxy` environment variable for HTTPS requests or an `$http_proxy` environment variable for HTTP requests. If the `$no_proxy` variable is also set, these variables will be ignored and requests will be made without a proxy.
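The two items above are the CLI's own behaviour; the script below is an added example, not code from the changelog or the CodeQL project. It encodes the proxy-selection rule just described as a small function, and wraps `codeql database create --github-auth-stdin` so that the PAT is read from a file on stdin rather than exported in `GITHUB_TOKEN`, where it would be inherited by every child process. The proxy hostnames, the `--source-root` layout and the token file path are constructed for illustration.

```sh
#!/bin/sh
# Added example; not part of the CodeQL 2.5.7 changelog or the CodeQL CLI.
# (1) resolve_proxy mirrors the proxy rule stated in the changelog.
# (2) create_db_with_stdin_token feeds the PAT over stdin instead of the
#     environment. Hostnames and paths here are constructed, not real.

# resolve_proxy SCHEME
# Prints the proxy URL an outgoing CodeQL request of SCHEME (http|https)
# would use: if $no_proxy is set at all, no proxy is used; otherwise
# $https_proxy serves HTTPS requests and $http_proxy serves HTTP requests.
resolve_proxy() {
  case "$1" in
    https) candidate="${https_proxy:-}" ;;
    http)  candidate="${http_proxy:-}" ;;
    *)
      echo "resolve_proxy: unsupported scheme '$1'" >&2
      return 2
      ;;
  esac
  if [ -n "${no_proxy:-}" ]; then
    # Changelog rule: a set $no_proxy disables both proxy variables.
    printf '%s\n' ""
  else
    printf '%s\n' "$candidate"
  fi
}

# create_db_with_stdin_token DB_DIR SRC_ROOT TOKEN_FILE
# Runs language auto-detection with the PAT read from TOKEN_FILE on stdin.
# The token never appears in argv or in the process environment, so it is
# not visible to `ps` or inherited by child processes as $GITHUB_TOKEN is.
create_db_with_stdin_token() {
  db_dir="$1"; src_root="$2"; token_file="$3"
  command -v codeql >/dev/null 2>&1 || {
    echo "codeql is not on PATH" >&2
    return 127
  }
  # Refuse a token file that other users can read (GNU stat, then BSD stat).
  mode="$(stat -c '%a' "$token_file" 2>/dev/null || stat -f '%Lp' "$token_file")"
  if [ "$mode" != "600" ]; then
    echo "refusing $token_file: mode must be 0600, found $mode" >&2
    return 1
  fi
  codeql database create "$db_dir" --source-root "$src_root" \
    --github-auth-stdin < "$token_file"
}

# Example invocation (assumed paths):
#   create_db_with_stdin_token ./my-db ./checkout "$HOME/.config/codeql/pat"
```

`resolve_proxy` is only a readable statement of the rule on this page, useful when debugging why an upload went direct or through a proxy in a CI image that exports `no_proxy` by default; the CLI does its own resolution and this function does not influence it. The stdin wrapper is the practitioner's choice between the two token channels the changelog offers: the environment variable is convenient, but stdin keeps the secret out of anything that inspects the process.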
QL Language
- The QL language now has a new method `toUnicode` on the `int` type. This method converts a Unicode codepoint to a one-character string. For example, `65.toUnicode() = "A"`, `128512.toUnicode()` results in a smiley, and `any(int i | i.toUnicode() = "A") = 65`.