Skip to content

Upgrade CodeQL CLI dependency to v2.23.0 #228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Sep 17, 2025
Merged

Upgrade CodeQL CLI dependency to v2.23.0 #228

merged 4 commits into from
Sep 17, 2025

Conversation

github-actions[bot]
Copy link

@github-actions github-actions bot commented Sep 5, 2025

This PR upgrades the CodeQL CLI version to v2.23.0.

Changes made:

  • Updated CodeQLCLI to 2.23.0
  • Updated CodeQLStandardLibrary to codeql-cli/v2.23.0
  • Updated CodeQLCLIBundle to codeql-bundle-v2.23.0
  • Upgraded all CodeQL pack lock files using codeql pack upgrade

@github-actions github-actions bot force-pushed the codeql/upgrade-to-v2.23.0 branch from 90b4707 to 9285ed3 Compare September 9, 2025 00:49
jeongsoolee09
jeongsoolee09 previously approved these changes Sep 15, 2025
View reviewed changes
Copy link
Contributor

@jeongsoolee09 jeongsoolee09 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jeongsoolee09 jeongsoolee09 dismissed their stale review September 15, 2025 14:41

Manual trigger of check failed.

@jeongsoolee09
Update expected results
56909a9 
The latest changes in CodeQL for JavaScript apparently improve on
the reported alert location.
@jeongsoolee09
Copy link
Contributor

There apparently was an improvement in CodeQL (could be only for JavaScript though) on the ending location of data flow nodes. For example, the x as in const x = y at line 1 was previously file://somefile.js:1:6:1:11 (which is wrong) but is now computed correctly as file://somefile.js:1:6:1:8.

Inspected and updated all changes.

@github-actions github-actions bot force-pushed the codeql/upgrade-to-v2.23.0 branch from 56909a9 to 5c25e78 Compare September 17, 2025 00:49
@jeongsoolee09
Merge branch 'codeql/upgrade-to-v2.23.0' of github.com:advanced-secur…
fbffb69 
…ity/codeql-sap-js into codeql/upgrade-to-v2.23.0
knewbury01
knewbury01 approved these changes Sep 17, 2025
View reviewed changes
Copy link
Contributor

@knewbury01 knewbury01 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm also! It is clear that the expected file changes are as @jeongsoolee09 documented and these are expected!

@jeongsoolee09 jeongsoolee09 merged commit 03a3884 into main Sep 17, 2025
10 of 13 checks passed
@jeongsoolee09 jeongsoolee09 deleted the codeql/upgrade-to-v2.23.0 branch September 17, 2025 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knewbury01 knewbury01 knewbury01 approved these changes

@jeongsoolee09 jeongsoolee09 jeongsoolee09 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jeongsoolee09 @knewbury01 @lcartey