Code scanning: support for additional libraries and frameworks improves CodeQL analysis

CodeQL now supports more libraries and frameworks for a variety of languages (C++, JavaScript, Python,Java, Go). The CodeQL engine can now detect more sources of untrusted user data, which improves the quality and depth of the code scanning alerts. The libraries and frameworks that have been added and improved are listed below.

C/C++

JavaScript and TypeScript

Python

Java

Go

Support for these libraries and frameworks has been deployed to GitHub.com. These improvements will also be available in GitHub Enterprise Server 3.1, which is due to be released in Q2.
Learn more about CodeQL and code scanning.