Skip to content

v2.25.0

Latest
Latest

Choose a tag to compare

View all tags
@codeql-ci codeql-ci released this 19 Mar 12:16
Immutable release. Only release title and notes can be modified.
v2.25.0
249f3d5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Release 2.25.0 (2026-03-19)

Breaking Changes

  • codeql database interpret-results and codeql database analyze no longer attempt to reconstruct file baseline information from databases created with CLI versions before 2.11.2.

Bug Fixes

  • Upgraded Jackson library from 2.16.1 to 2.18.6 to address a high-severity denial of service vulnerability (GHSA-72hv-8253-57qq) in jackson-core's async JSON parser.
  • Upgraded snakeyaml (which is a dependency of jackson-dataformat-yaml) from 2.2 to 2.3.

Release 2.24.4 (2026-03-16)

This release was skipped.

For more information about the changes included in this release, see the CodeQL CLI changelog.

You can download either the codeql-PLATFORM.zip for your platform, or the generic codeql.zip which contains binaries for all supported platforms. Please ignore the additional "source code" downloads below the .zip artifacts.

This release is compatible with the CodeQL language packs from github/codeql@codeql-cli/v2.25.0.

Assets 10
Loading