CodeQL documentation

CodeQL 2.25.5 (2026-05-21)

This is an overview of changes in the CodeQL CLI and relevant CodeQL query and library packs. For additional updates on changes to the CodeQL code scanning experience, check out the code scanning section on the GitHub blog, relevant GitHub Changelog updates, changes in the CodeQL extension for Visual Studio Code, and the CodeQL Action changelog.

Security Coverage

CodeQL 2.25.5 runs a total of 496 security queries when configured with the Default suite (covering 169 CWE). The Extended suite enables an additional 131 queries (covering 32 more CWE).

CodeQL CLI

There are no user-facing CLI changes in this release.

Query Packs

Bug Fixes

GitHub Actions

  • Fixed the help file descriptions for the actions/untrusted-checkout/critical, actions/untrusted-checkout/high and actions/untrusted-checkout/medium queries. Previously the text did not explain why or how the vulnerability arises.

Minor Analysis Improvements

C/C++

  • The ‘Cleartext transmission of sensitive information’ query (cpp/cleartext-transmission) no longer raises an alert on calls to fscanf (and variants) when the call reads from an “obviously local” FILE stream such as stdin.

Java/Kotlin

  • The java/zipslip query no longer reports archive entry names that flow only to read-only path sinks such as ClassLoader.getResource, FileInputStream and FileReader. Its sinks are now restricted to the path-injection kind, deliberately excluding the new path-injection[read] sub-kind; this matches the Zip Slip threat model, in which an archive entry is written outside the extraction directory. Reads from an attacker-controlled path remain covered by java/path-injection.

GitHub Actions

  • The actions/unpinned-tag query now analyzes composite action metadata (action.yml/action.yaml files) in addition to workflow files, providing more comprehensive detection of unpinned action references across the entire Actions ecosystem.

Query Metadata Changes

GitHub Actions

  • Adjusted the name of actions/untrusted-checkout/high to more clearly describe which parts of the scenario are in a privileged context.

Language Libraries

Minor Analysis Improvements

C/C++

  • The RemoteFlowSourceFunction model for fscanf (and variants) now implements hasSocketInput to reflect that these functions may read from a socket.

Java/Kotlin

  • Introduced a new sink kind path-injection[read] for Models-as-Data rows that only read from a path (such as ClassLoader.getResource, FileInputStream, FileReader, Files.readAllBytes, and related APIs). The general java/path-injection query continues to consider both path-injection and path-injection[read] sinks.
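  The following Java program is an added example, not code from the CodeQL docs or from any GitHub project; class and method names are hypothetical and it assumes a JDK 11+ runtime. It shows the three shapes of archive-entry handling that this release's changes distinguish: an extraction that writes to a path built from the entry name (a path-injection sink, reported by java/zipslip), a read-only use of the entry name (a path-injection[read] sink, no longer reported by java/zipslip but still a sink for java/path-injection) and a hardened extraction that checks containment before touching the filesystem. The archive used in main is constructed in memory and contains one traversal entry.

```java
// Added example (not from the CodeQL docs or any GitHub project). Assumes JDK 11+.
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

public class ZipSlipShapes {

    // 1. Unsafe extraction. The untrusted entry name reaches a write sink
    //    (FileOutputStream), i.e. a sink of kind "path-injection". An entry named
    //    "../../etc/cron.d/job" escapes destDir. java/zipslip reports this shape.
    static void extractUnsafe(InputStream archive, Path destDir) throws IOException {
        try (ZipInputStream zin = new ZipInputStream(archive)) {
            ZipEntry e;
            while ((e = zin.getNextEntry()) != null) {
                File out = new File(destDir.toFile(), e.getName());
                if (e.isDirectory()) { out.mkdirs(); continue; }
                out.getParentFile().mkdirs();
                try (OutputStream os = new FileOutputStream(out)) { zin.transferTo(os); }
            }
        }
    }

    // 2. Read-only use of the entry name. FileInputStream is a "path-injection[read]"
    //    sink, which java/zipslip now excludes (nothing is written outside the
    //    extraction root). It is still a sink for java/path-injection, so do not treat
    //    it as safe: an attacker-controlled name can make the program read any file.
    static byte[] readCompanionFile(ZipEntry e, Path baseDir) throws IOException {
        File f = new File(baseDir.toFile(), e.getName());
        try (InputStream in = new FileInputStream(f)) { return in.readAllBytes(); }
    }

    // 3. Hardened resolution: normalise and check containment before any I/O.
    //    Path.startsWith is component-wise, so "/tmp/out" does not match "/tmp/outside".
    //    Absolute entry names resolve outside root and are rejected as well.
    static Path safeResolve(Path destDir, String entryName) throws IOException {
        Path root = destDir.toAbsolutePath().normalize();
        Path target = root.resolve(entryName).normalize();
        if (!target.startsWith(root)) {
            throw new IOException("Zip Slip entry rejected: " + entryName);
        }
        return target;
    }

    static void extractSafe(InputStream archive, Path destDir) throws IOException {
        try (ZipInputStream zin = new ZipInputStream(archive)) {
            ZipEntry e;
            while ((e = zin.getNextEntry()) != null) {
                Path out = safeResolve(destDir, e.getName());
                if (e.isDirectory()) { Files.createDirectories(out); continue; }
                Files.createDirectories(out.getParent());
                Files.copy(zin, out);
            }
        }
    }

    // Constructed test archive: one benign entry followed by one traversal entry.
    static byte[] buildArchive() throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ZipOutputStream zout = new ZipOutputStream(buf)) {
            zout.putNextEntry(new ZipEntry("docs/readme.txt"));
            zout.write("hello".getBytes());
            zout.closeEntry();
            zout.putNextEntry(new ZipEntry("../escaped.txt"));
            zout.write("owned".getBytes());
            zout.closeEntry();
        }
        return buf.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        Path dest = Files.createTempDirectory("zipslip-demo");
        try {
            extractSafe(new ByteArrayInputStream(buildArchive()), dest);
            System.out.println("unreachable: traversal entry should have been rejected");
        } catch (IOException ex) {
            // Expected: the second entry is rejected before any write happens.
            System.out.println(ex.getMessage());
        }
        // extractUnsafe(new ByteArrayInputStream(buildArchive()), dest) would instead
        // create escaped.txt in the parent directory of dest.
    }
}
```

  The containment check in safeResolve is the fix java/zipslip expects to see on the path between the entry name and the write; a check that only inspects the raw name for ".." is weaker, since normalisation and absolute paths are handled by the Path API rather than by string matching.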

GitHub Actions

  • Altered two patterns in the poisonable_steps modelling so that more sinks are detected: scripts run as Python modules, and go run invoked in a checked-out directory, are now treated as potential injection mechanisms. The go pattern also now ignores flags that appear between go and the subcommand. This change may lead to more results from the following queries: actions/untrusted-checkout/high, actions/untrusted-checkout/critical, actions/untrusted-checkout-toctou/high, actions/untrusted-checkout-toctou/critical, actions/cache-poisoning/poisonable-step, actions/cache-poisoning/direct-cache and actions/artifact-poisoning/path-traversal.

New Features

Swift

  • The TypeDecl class now defines a getDeclaredInterfaceType predicate, which yields the declared interface type of the type declaration.
