v2.14.0
Potentially breaking changes
- The legacy option --search-path will now be used, if provided, when searching for the dependencies of packages that have no lock file.
- CodeQL query packs that specify their dependencies using the legacy libraryPathDependencies property in qlpack.yml/codeql-pack.yml files are no longer permitted to contain a codeql-pack.lock.yml lock file.
- CodeQL CLI commands that create packages or update package lock files, such as codeql pack publish and codeql pack create, will no longer work on query packs that specify their dependencies using the legacy libraryPathDependencies property. To fix this error, convert libraryPathDependencies to dependencies.
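The conversion described in the last item, as an added example that is not part of the original release notes. The pack name example-org/example-queries, its version, and the choice of codeql/javascript-all as the library pack are constructed for illustration.

```yaml
# BEFORE: legacy qlpack.yml (constructed sample).
# Dependencies are a bare list of pack names with no version constraint,
# resolved from the search path, so no codeql-pack.lock.yml may sit beside it.
name: example-org/example-queries
version: 0.0.1
libraryPathDependencies:
  - codeql/javascript-all
---
# AFTER: the same pack using the dependencies property.
# Each entry maps a pack name to a semver range; "*" accepts any version.
# A narrower range reduces the set of library versions that can be resolved
# and pinned in the lock file.
name: example-org/example-queries
version: 0.0.1
dependencies:
  codeql/javascript-all: "*"
```

After the conversion, running codeql pack install in the pack directory resolves the ranges and writes codeql-pack.lock.yml, which pins the exact dependency versions used by later builds.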
Deprecations
- Missing override annotations on class member predicates now raise errors rather than warnings. This is to avoid confusion with the shadowing behaviour in the presence of final member predicates.
Improvements
- Unqualified imports can now be marked as deprecated to indicate that the import may be removed in the future. Usage of names only reachable through deprecated imports will generate deprecation warnings.
- Classes declared inside a parameterized module can final extend parameters of the module as well as types that are declared outside the parameterized module.
- Fields are fully functional when extending types from within a module instantiation.
- Files with a .yaml extension will now be included in compiled CodeQL packs. Previously, files with this extension were excluded even though .yml files were included.
- When interpreting results (e.g., using bqrs interpret or database interpret-results), extra placeholders in alert messages are treated as normal text. Previously, results with more placeholders than placeholder values were skipped.
- Windows users of the CodeQL extension for VS Code will see faster start times.
- In VS Code, errors in the current file are rechecked when dependencies change.
- In VS Code, autocomplete in large QL files is now faster.
- Member predicates can shadow final member predicates of the same arity even when the signatures are not fully matching.
Bugs fixed
- Fixed super calls on final base classes (or final aliases) so that they are now dispatched the same way as super calls on instanceof supertypes.
- Fixed a bug where running codeql database finalize with a large number of threads would fail due to running out of file descriptors.
- Fixed a bug where codeql database create --overwrite would not work with database clusters.
- Fixed a bug where the CodeQL documentation coverage statistics were incorrect.
- Fixed a bug where the generated CodeQL library documentation could generate invalid URIs on Windows.
For more information about the changes included in this release, see the CodeQL CLI changelog.
You can download either the codeql-PLATFORM.zip for your platform, or the generic codeql.zip which contains binaries for all supported platforms. Please ignore the additional "source code" downloads below the .zip artifacts.
This release is compatible with the CodeQL language packs from github/codeql@codeql-cli/v2.14.0.