Back to updates

CodeQL - 1

2025 (12)

December (3)

github: CodeQL 2.23.7 and 2.23.8 add security queries for Go and Rust

GitHub

2025-12-18

GitHub released CodeQL versions 2.23.7 and 2.23.8, adding new security queries for Go and Rust. CodeQL is the static analysis engine used by GitHub Code Scanning and Code Quality to detect and help remediate code-quality and security issues.

github: More accurate Copilot Autofix usage metrics on security overview

GitHub

2025-12-16

GitHub updated the security overview dashboard to provide more accurate metrics for CodeQL alerts fixed using Copilot autofixes by refining how autofix usage is calculated, improving visibility into adoption and effectiveness without changing the fixes themselves.

github: CodeQL 2.23.6 adds Swift 6.2.1 and new C# security queries

GitHub

2025-12-04

CodeQL 2.23.6 has been released, adding support for Swift 6.2.1 and introducing new C# security queries. CodeQL is the static analysis engine behind GitHub code scanning, used to find and remediate security issues. The announcement appeared on The GitHub Blog.

November (1)

github: CodeQL 2.23.5 adds support for Swift 6.2, new Java queries, and improved analysis accuracy

GitHub

2025-11-19

GitHub released CodeQL 2.23.5, the static analysis engine used by GitHub code scanning. This update adds support for Swift 6.2, introduces three new Java security queries, and improves analysis accuracy.

October (5)

github: Upcoming deprecation of CodeQL Action v3

GitHub

2025-10-28

GitHub released CodeQL Action v4 on October 7, 2025; v4 runs on the Node.js 24 runtime. CodeQL Action v3 will be deprecated at the same time as GitHub Enterprise Server (GHES) 3.19.

github: New public preview features in Copilot code review: AI reviews that see the full picture

GitHub

2025-10-28

GitHub announced new public preview features for Copilot code review that combine LLM detections and tool-calling with deterministic analyzers (for example ESLint and CodeQL) to produce smarter, more comprehensive reviews and enable a smooth handoff to the Copilot coding agent.

github: CodeQL 2.23.3 adds a new Rust query, Rust support, and easier C/C++ scanning

GitHub

2025-10-23

CodeQL 2.23.3 is a maintenance release for GitHub's static analysis engine that adds a new Rust query, improves Rust support, and makes C/C++ scanning easier, helping GitHub code scanning find and remediate security issues more effectively.

github: CodeQL scanning Rust and C/C++ without builds is now generally available

GitHub

2025-10-14

GitHub announced that CodeQL now generally supports scanning Rust projects and scanning C/C++ projects without requiring builds. Both features have exited public preview and are available in GitHub code scanning.

github: CodeQL 2.23.2 adds additional detections for Rust, and improves accuracy across languages

GitHub

2025-10-09

CodeQL 2.23.2 is a maintenance release for the static analysis engine used by GitHub code scanning. The release adds additional Rust security detections and improves analysis accuracy across multiple languages.

September (3)

github: CodeQL 2.23.1 adds support for Java 25, TypeScript 5.9 and Swift 6.1.3

GitHub

2025-09-26

CodeQL 2.23.1 is a new release of GitHub's static analysis engine that adds language support for Java 25, TypeScript 5.9, and Swift 6.1.3 to improve code scanning and security analysis.

github: Incremental security analysis with CodeQL is now available for all languages

GitHub

2025-09-23

GitHub announced that CodeQL analysis on pull requests is now incremental for Go, C#, C/C++ and Swift, meaning all CodeQL-supported languages now use the new incremental analysis to provide faster security scans and feedback.

github: CodeQL 2.23.0 adds support for Rust log injection and other security detection improvements

GitHub

2025-09-10

CodeQL 2.23.0 is a new release of GitHub's static analysis engine used by code scanning. The release adds explicit support for detecting Rust log injection and includes other security detection improvements to help find and remediate vulnerabilities.