v2.1.31

CodeQL Action Changelog

2.1.31 - 04 Nov 2022

• The rb/weak-cryptographic-algorithm Ruby query has been updated to no longer report uses of hash functions such as MD5 and SHA1 even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the github/codeql repository. #1344

See the full CHANGELOG.md for more information.

v1.1.31

CodeQL Action Changelog

1.1.31 - 04 Nov 2022

• The rb/weak-cryptographic-algorithm Ruby query has been updated to no longer report uses of hash functions such as MD5 and SHA1 even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. For more information, see the corresponding change in the github/codeql repository. #1344

See the full CHANGELOG.md for more information.

v2.1.30

CodeQL Action Changelog

2.1.30 - 02 Nov 2022

• Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as ubuntu-22.04 that uses glibc version 2.34 and later. #1334

See the full CHANGELOG.md for more information.

v1.1.30

CodeQL Action Changelog

1.1.30 - 02 Nov 2022

• Improve the error message when using CodeQL bundle version 2.7.2 and earlier in a workflow that runs on a runner image such as ubuntu-22.04 that uses glibc version 2.34 and later. #1334

See the full CHANGELOG.md for more information.

v2.1.29

CodeQL Action Changelog

2.1.29 - 26 Oct 2022

• Update default CodeQL bundle version to 2.11.2. #1320

See the full CHANGELOG.md for more information.

v1.1.29

CodeQL Action Changelog

1.1.29 - 26 Oct 2022

• Update default CodeQL bundle version to 2.11.2. #1320

See the full CHANGELOG.md for more information.

v2.1.28

CodeQL Action Changelog

2.1.28 - 18 Oct 2022

• Update default CodeQL bundle version to 2.11.1. #1294
• Replace uses of GitHub Actions command set-output because it is now deprecated. See more information in the GitHub Changelog. #1301

See the full CHANGELOG.md for more information.

v1.1.28

CodeQL Action Changelog

1.1.28 - 18 Oct 2022

• Update default CodeQL bundle version to 2.11.1. #1294
• Replace uses of GitHub Actions command set-output because it is now deprecated. See more information in the GitHub Changelog. #1301

See the full CHANGELOG.md for more information.

CodeQL Bundle

Bundles CodeQL CLI v2.11.2

• (changelog, release)

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.11.2:

• codeql/cpp-queries (changelog, source)
• codeql/cpp-all (changelog, source)
• codeql/csharp-queries (changelog, source)
• codeql/csharp-all (changelog, source)
• codeql/go-queries (changelog, source)
• codeql/go-all (changelog, source)
• codeql/java-queries (changelog, source)
• codeql/java-all (changelog, source)
• codeql/javascript-queries (changelog, source)
• codeql/javascript-all (changelog, source)
• codeql/python-queries (changelog, source)
• codeql/python-all (changelog, source)
• codeql/ruby-queries (changelog, source)
• codeql/ruby-all (changelog, source)

v1.1.27

CodeQL Action Changelog

1.1.27 - 06 Oct 2022

• We are rolling out a feature of the CodeQL Action in October 2022 that changes the way that Go code is analyzed to be more consistent with other compiled languages like C/C++, C#, and Java. You do not need to alter your code scanning workflows. If you encounter any problems, please file an issue or open a private ticket with GitHub Support and request an escalation to engineering.

See the full CHANGELOG.md for more information.