CodeQL documentation

CodeQL 2.22.3 (2025-08-06)

This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.

Security Coverage

CodeQL 2.22.3 runs a total of 476 security queries when configured with the Default suite (covering 169 CWE). The Extended suite enables an additional 130 queries (covering 32 more CWE). 2 security queries have been added with this release.

CodeQL CLI

New Features

  • The codeql database cleanup command now takes the --cache-cleanup=overlay option, which trims the cache to just the data that will be useful when evaluating against an overlay.

Query Packs

Minor Analysis Improvements

C/C++

  • The “Initialization code not run” query (cpp/initialization-not-run) no longer reports an alert on static global variables that have no dereference.

Rust

  • Type inference now supports closures, calls to closures, and trait bounds using the FnOnce trait.

  • Type inference now supports trait objects, i.e., dyn Trait types.

  • Type inference now supports tuple types.

New Queries

Rust

  • Added a new query, rust/hard-coded-cryptographic-value, for detecting use of hardcoded keys, passwords, salts and initialization vectors.

Language Libraries

Minor Analysis Improvements

C/C++

  • The cpp/overrun-write query now recognizes more bound checks and thus produces fewer false positives.

JavaScript/TypeScript

  • The regular expressions in SensitiveDataHeuristics.qll have been extended to find more instances of sensitive data such as secrets used in authentication, finance and health information, and device data. The heuristics have also been refined to find fewer false positive matches. This will improve results for queries related to sensitive information.

Python

  • The regular expressions in SensitiveDataHeuristics.qll have been extended to find more instances of sensitive data such as secrets used in authentication, finance and health information, and device data. The heuristics have also been refined to find fewer false positive matches. This will improve results for queries related to sensitive information.

Ruby

  • The regular expressions in SensitiveDataHeuristics.qll have been extended to find more instances of sensitive data such as secrets used in authentication, finance and health information, and device data. The heuristics have also been refined to find fewer false positive matches. This will improve results for queries related to sensitive information.

Swift

  • The regular expressions in SensitiveDataHeuristics.qll have been extended to find more instances of sensitive data such as secrets used in authentication, finance and health information, and device data. The heuristics have also been refined to find fewer false positive matches. This will improve results for queries related to sensitive information.

Rust

  • Removed deprecated dataflow extensible predicates sourceModelDeprecated, sinkModelDeprecated, and summaryModelDeprecated, along with their associated classes.

  • The regular expressions in SensitiveDataHeuristics.qll have been extended to find more instances of sensitive data such as secrets used in authentication, finance and health information, and device data. The heuristics have also been refined to find fewer false positive matches. This will improve results for queries related to sensitive information.

New Features

C/C++

  • Exposed various SSA-related classes (Definition, PhiNode, ExplicitDefinition, DirectExplicitDefinition, and IndirectExplicitDefinition) which were previously only usable inside the internal dataflow directory.

Java/Kotlin

  • Kotlin versions up to 2.2.2x are now supported.
