CodeQL 2.25.4 has been released with several notable updates: Swift 6.3.1 support, expanded ASP.NET taint flow coverage and C# 14 compound assignment operator support, Vercel serverless function security analysis for JavaScript/TypeScript, and multiple Java/Kotlin query improvements that reduce false positives for path injection, sensitive logging, and trust boundary violations. A cross-language new feature allows adding data flow barriers via data extensions across C/C++, C#, Go, Java/Kotlin, JavaScript/TypeScript, Python, Ruby, and Rust, making it easier to suppress false positives in custom configurations without modifying queries directly.
Sort: