Try GitHub Copilot CLIAttend GitHub Universe
Back to changelog
Improvement

January 30, 20241 Minute Read

CodeQL 2.16.1: Swift 5.9.2 Support, New Queries, and Scanned-File Count Changes

CodeQL 2.16.1 is now available to users of GitHub code scanning on github.com, and all new functionality will also be included in GHES 3.13. Users of GHES 3.12 or older can upgrade their CodeQL version.

Important changes in this release include:

Swift 5.9.2 is now supported.

We added a new query for Swift, swift/weak-password-hashing, to detect the use of inappropriate hashing algorithms for password hashing and a new query for Java, java/exec-tainted-environment, to detect the injection of environment variables names or values from remote input.

We improved the tracking of flows from handler methods of a PageModel class to the corresponding Razor Page (.cshtml) file, which may result in additional alerts from some queries.

JavaScript now supports doT templates and Go added support for AWS Lambda functions and fasthttp framework.

In the previous version, 2.16.0, we announced that we will update the way we measure the number of scanned files in the Code Scanning UI. This change is now live for JavaScript/TypeScript, Python, Ruby, Swift, and C#.

For a full list of changes, please refer to the complete changelog for version 2.16.1.

Related Posts

Subscribe to our developer newsletter

Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.

By submitting, I agree to let GitHub and its affiliates use my information for personalized communications, targeted advertising, and campaign effectiveness. See the GitHub Privacy Statement for more details.

CodeQL 2.16.1: Swift 5.9.2 Support, New Queries, and Scanned-File Count Changes - GitHub Changelog