CodeQL 2.25.5 has been released, featuring accuracy improvements in static analysis across languages and specifically enhancing query accuracy for GitHub Actions security scanning.
CodeQL is the static analysis engine that powers GitHub's code scanning, which is used to find and remediate security issues. The newly released version, 2.25.5, introduces significant accuracy improvements for queries across languages such as C/C++ and specifically enhances the performance and relevance of scanning for GitHub Actions workflows.