CodeQL 2.23.6 adds Swift 6.2.1 and new C# security queries
CodeQL is the static analysis engine behind GitHub code scanning, which finds and remediates security issues in your code. We’ve recently released CodeQL 2.23.6, which adds support for Swift 6.2.1, promotes two C# cookie security queries, and includes various accuracy improvements across languages.
Language and framework support
- Swift: CodeQL now supports analysis of apps built with Swift 6.2.1.
- Rust: We’ve added models for cookie methods in the `poem` crate.
Query changes
- C#:
  - The `cs/web/cookie-secure-not-set` and `cs/web/cookie-httponly-not-set` queries have been promoted from experimental to the main query pack. These queries detect cookies created without proper security attributes.
  - We’ve improved the Guards library for recognizing disjunctions, resulting in improved precision for the `cs/constant-condition`, `cs/inefficient-containskey`, and `cs/dereferenced-value-may-be-null` queries.
- The
- Rust: We’ve added taint flow barriers to the `rust/regex-injection`, `rust/sql-injection`, and `rust/log-injection` queries, reducing the frequency of false positive results.
- Java/Kotlin: We’ve reduced the `security-severity` score of `java/overly-large-range` and `java/insecure-cookie` from 5.0 to 4.0 to better reflect their impact.
- JavaScript/TypeScript: We’ve increased the `security-severity` score of `js/xss-through-dom` from 6.1 to 7.8 to align with other XSS queries, and reduced the score of `js/overly-large-range` from 5.0 to 4.0.
- Python: We’ve reduced the `security-severity` score of `py/overly-large-range` from 5.0 to 4.0 to better reflect its impact.
- Ruby: We’ve reduced the `security-severity` score of `rb/overly-large-range` from 5.0 to 4.0 to better reflect its impact.
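As an added illustration (not code from the CodeQL release notes or the CodeQL project), here is the kind of cookie construction the promoted `cs/web/cookie-secure-not-set` and `cs/web/cookie-httponly-not-set` queries are intended to surface, written as an ASP.NET Core controller with the weak form beside the corrected one; the controller, route and cookie names are constructed for the example.

```csharp
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;

// Constructed example, not part of the CodeQL release notes: a session cookie
// written without security attributes, and the same cookie written with them.
public class SessionController : Controller
{
    // Weak form: no CookieOptions are supplied, so Secure and HttpOnly keep
    // their defaults (false). The cookie can be sent over plain HTTP and is
    // readable from script via document.cookie. This is the pattern the
    // cookie-secure-not-set / cookie-httponly-not-set queries are meant to flag.
    [HttpPost("login-weak")]
    public IActionResult LoginWeak(string sessionId)
    {
        Response.Cookies.Append("session", sessionId);
        return Ok();
    }

    // Corrected form: Secure restricts the cookie to HTTPS, HttpOnly keeps it
    // out of reach of page script, and SameSite limits cross-site sending.
    [HttpPost("login")]
    public IActionResult Login(string sessionId)
    {
        var options = new CookieOptions
        {
            Secure = true,
            HttpOnly = true,
            SameSite = SameSiteMode.Strict,
        };
        Response.Cookies.Append("session", sessionId, options);
        return Ok();
    }
}
```

The same two properties exist on `System.Web.HttpCookie` (`Secure` and `HttpOnly`) for classic ASP.NET, where they likewise default to false unless set in code or in `web.config`.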
For a full list of changes, please refer to the complete changelog for version 2.23.6. Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.23.6 will also be included in the GitHub Enterprise Server (GHES) 3.20 release. If you use an older version of GHES, you can manually upgrade your CodeQL version.
