CodeQL 2.4.1 (2020-12-19)¶
This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.
Security Coverage¶
CodeQL 2.4.1 runs a total of 231 security queries when configured with the Default suite (covering 105 CWE). The Extended suite enables an additional 77 queries (covering 26 more CWE). 3 security queries have been added with this release.
CodeQL CLI¶
New Features¶
codeql query formatnow checks all files rather than stopping after the first failure when the--check-onlyoption is given.codeql resolve databasewill produce alanguageskey giving the language the database was created for. This can be useful in IDEs to help describe the database and suggest default actions or queries. For databases created by earlier versions, the result will be a best-effort guess.codeql database interpret-resultscan now produce Graphviz.dotfiles from queries with@kind graph.
Removed Features¶
codeql test runhad some special compatibility support for running unit tests for the “code duplication” extractor features of certain discontinued Semmle products. Those tests have since been removed from the public QL repository, so the compatibility support for them has been removed. This should not affect any external users (since the extractor feature in question was never supported bycodeql database createanyway), but if you runcodeql test runagainst the unit tests belonging to an old checkout of the repository, you may now see some failures amongMetricstests.