CodeQL documentation
CodeQL resources

CodeQL 2.23.8 (2025-12-10)

This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.

Security Coverage

CodeQL 2.23.8 runs a total of 491 security queries when configured with the Default suite (covering 166 CWE). The Extended suite enables an additional 135 queries (covering 35 more CWE).

CodeQL CLI

There are no user-facing CLI changes in this release.

Query Packs

Minor Analysis Improvements

Java/Kotlin

  • Java analysis no longer forces --source and --target compiler flags for Maven builds. This allows Maven to use the project’s own compiler configuration, improving build compatibility.

  • © GitHub, Inc.
  • Terms
  • Privacy