CodeQL 2.25.5 improves query accuracy for GitHub Actions - GitHub Changelog

CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. We’ve recently released CodeQL 2.25.5, which includes accuracy improvements across C/C++,…

giovedì 28 maggio 2026 New tab

268 words~1 min read

Language and framework support

Java/Kotlin

We’ve introduced a new sink kind, path-injection[read], for Models-as-Data rows that only read from a path (such as ClassLoader.getResource, FileInputStream, and FileReader). This helps queries distinguish read-only path sinks from more dangerous ones.

GitHub Actions

CodeQL 2.25.5 improves query accuracy for GitHub Actions - GitHub Changelog

CodeQL 2.25.5 improves query accuracy for GitHub Actions - GitHub Changelog

Other newsrooms on this story

Related reading

GitHub Code Coverage in Pull Requests: What Developers Should Set Up Now

GitLab 19.0 targets the gap between writing code and shipping it

Code coverage on pull requests is now in public preview - GitHub Changelog

VS Code update brings agent overload, TypeScript 7 preview, and the end of…

Claude Code and GitLab: Three workflows that ship

GitHub previews Agentic Workflows as part of continuous AI concept

Other newsrooms on this story

Related reading

GitHub Code Coverage in Pull Requests: What Developers Should Set Up Now

GitLab 19.0 targets the gap between writing code and shipping it

Code coverage on pull requests is now in public preview - GitHub Changelog

VS Code update brings agent overload, TypeScript 7 preview, and the end of…

Claude Code and GitLab: Three workflows that ship

GitHub previews Agentic Workflows as part of continuous AI concept