Skip to content

Upgrade CodeQL CLI dependency to v2.25.5#283

Merged
data-douser merged 2 commits into
mainfrom
codeql/upgrade-to-v2.25.5
May 25, 2026
Merged

Upgrade CodeQL CLI dependency to v2.25.5#283
data-douser merged 2 commits into
mainfrom
codeql/upgrade-to-v2.25.5

Conversation

@github-actions

@github-actions github-actions Bot commented May 22, 2026

Copy link
Copy Markdown
Contributor

This PR upgrades the CodeQL CLI version to v2.25.5.

Changes made:

  • Updated .codeql-version to v2.25.5
  • Updated all version-bearing files (package.json, extensions/vscode/package.json, codeql-pack.yml) to 2.25.5
  • Regenerated package-lock.json
  • Upgraded CodeQL pack lock files
  • Build and tests passed ✅

@github-actions github-actions Bot requested review from a team, data-douser and enyil as code owners May 22, 2026 14:57
@data-douser data-douser reopened this May 22, 2026
@github-actions

github-actions Bot commented May 22, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

package-lock.json

PackageVersionLicenseIssue Type
extensions/vscode2.25.5NullUnknown License
server2.25.5NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
npm/extensions/vscode 2.25.5 UnknownUnknown
npm/server 2.25.5 UnknownUnknown

Scanned Files

  • package-lock.json

@data-douser
Update PrintCFG expected baselines for CodeQL CLI v2.25.5
f8d3ab2 
The CodeQL CLI v2.25.5 CFG model introduces new
`After <constant> [match]` / `After <constant> [no-match]` nodes for
switch case constants, shifting the edges between `case ...`, the case
constant, and the surrounding `After case ...` nodes.

Accepts the new baselines for the affected tests:
  - server/ql/csharp/tools/test/PrintCFG/PrintCFG.expected
  - server/ql/java/tools/test/PrintCFG/PrintCFG.expected

No query logic changes; updates reflect upstream extractor/CFG changes
only. Verified locally via `codeql test run` against v2.25.5.
@data-douser data-douser merged commit d53a392 into main May 25, 2026
31 checks passed
@data-douser data-douser deleted the codeql/upgrade-to-v2.25.5 branch May 25, 2026 23:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@data-douser data-douser data-douser approved these changes

@enyil enyil Awaiting requested review from enyil enyil is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@data-douser