v2.12.6
Known issues
- We recommend that customers using the CodeQL CLI in a third party CI system do not upgrade to this release, due to an issue with `codeql github upload-results`. Instead, please use CodeQL 2.12.5, or, when available, CodeQL 2.12.7 or 2.13.1. This issue occurs when uploading certain kinds of diagnostic information and causes the subcommand to fail with "A fatal error occurred: Invalid SARIF.", reporting an `InvalidDefinitionException`. Customers who wish to use CodeQL 2.12.6 or 2.13.0 can work around the problem by passing `--no-sarif-include-diagnostics` to any invocations of `codeql database analyze` or `codeql database interpret-results`.
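The workaround above, as a CI wrapper that adds the flag only on the two affected versions. This is an added example, not part of the release notes or of the CodeQL project; the function names `sarif_workaround_flag` and `run_analyze` are hypothetical, and the database path and SARIF output path are supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the CodeQL project): apply the documented
# --no-sarif-include-diagnostics workaround only where the notes say it is needed.

# Print the extra flag for an affected CLI version, or nothing otherwise.
# The affected versions (2.12.6 and 2.13.0) come from the known-issue text.
sarif_workaround_flag() {
    case "$1" in
        2.12.6|2.13.0) printf '%s\n' '--no-sarif-include-diagnostics' ;;
        *) : ;;
    esac
}

# Hypothetical wrapper: run_analyze <database> <sarif-output> [extra analyze args...]
run_analyze() {
    if [ "$#" -lt 2 ]; then
        echo "usage: run_analyze <database> <sarif-output> [args...]" >&2
        return 2
    fi
    db=$1
    out=$2
    shift 2

    # Ask the installed CLI for its bare version string (for example 2.12.6).
    ver=$(codeql version --format=terse) || return 1
    flag=$(sarif_workaround_flag "$ver")
    if [ -n "$flag" ]; then
        echo "CodeQL $ver: adding $flag so upload-results accepts the SARIF" >&2
    fi

    # $flag is deliberately unquoted: when empty it must expand to no argument.
    # shellcheck disable=SC2086
    codeql database analyze "$db" \
        --format=sarif-latest --output="$out" $flag "$@"
}
```

Source the file in the CI job and call `run_analyze` in place of the direct `codeql database analyze` invocation; the same flag applies to `codeql database interpret-results`.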
New features
- Several experimental subcommands have been added in support of the new code scanning tool status page. These include `codeql database add-diagnostic`, `codeql database export-diagnostics`, and the `codeql diagnostic add` and `codeql diagnostic export` plumbing subcommands.
Bugs fixed
- Fixed a bug in `codeql database analyze` and related commands where the `--max-paths` option was not respected correctly when multiple alerts with the same primary code location were grouped together.
For more information about the changes included in this release, see the CodeQL CLI changelog.
You can download either the `codeql-PLATFORM.zip` for your platform, or the generic `codeql.zip` which contains binaries for all supported platforms. Please ignore the additional "source code" downloads below the `.zip` artifacts.
This release is compatible with the CodeQL language packs from `github/codeql@codeql-cli/v2.12.6`.