Skip to content

v2.6.2

Choose a tag to compare

View all tags
@codeql-ci codeql-ci released this 21 Sep 16:53
· 158 commits to main since this release
v2.6.2
d7b08e6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

  • CodeQL CLI 2.6.2 includes the same functionality as the CodeQL runner, which is being deprecated. For more information, see: CodeQL runner deprecation.

  • The bundled extractors are updated to match the versions currently used on LGTM.com. These are newer than the last release (1.27) of LGTM Enterprise. If you plan to upload databases to an LGTM Enterprise 1.27 instance, you need to create them with release 2.4.6.

Bugs fixed

  • A bug where codeql generate log-summary would sometimes crash with a JsonMappingException has been fixed.

New features

  • The CodeQL CLI now counts the lines of code found under --source-root when codeql database init or codeql database create is called. This information can be viewed later by either the new codeql database print-baseline command or the new --print-baseline-loc argument to codeql database interpret-results.
  • qlpack.yml files now support an additional field include in which glob patterns of additional files that should be included (or excluded) when creating a given CodeQL pack can be specified.
  • QL packs created by the experimental codeql pack create command will now include some information about the build in a new buildMetadata field of their qlpack.yml file.
  • codeql database create now supports the same flags as codeql database init for automatically recognizing the languages present in checkouts of GitHub repositories:
    • --github-url accepts the URL of a custom GitHub instance (previously only github.com was supported).
    • --github-auth-stdin allows a personal access token to be provided through standard input (previously only the GITHUB_TOKEN environment variable was supported).

Notable documentation changes

  • Documentation has been added detailing how to use the "indirect build tracing" feature, which is enabled by using the --begin-tracing flag provided by codeql database init. The new documentation can be found here. This feature was temporarily described as "sandwiched tracing" in the 2.6.0 release notes.

For more information about the changes included in this release, see the CodeQL CLI changelog.

You can download either the codeql-PLATFORM.zip for your platform, or the generic codeql.zip which contains binaries for all supported platforms. Please ignore the additional "source code" downloads below the .zip artifacts.

Assets 6
Loading