CodeQL now supports more libraries and frameworks for a variety of languages (C++, JavaScript, Python,Java, Go). The CodeQL engine can now detect more sources of untrusted user data, which improves the quality and depth of the code scanning alerts. The libraries and frameworks that have been added and improved are listed below.


JavaScript and TypeScript




Support for these libraries and frameworks has been deployed to These improvements will also be available in GitHub Enterprise Server 3.1, which is due to be released in Q2.
Learn more about CodeQL and code scanning.