Skip to content

Code scanning: support for additional libraries and frameworks improves CodeQL analysis

CodeQL now supports more libraries and frameworks for a variety of languages (C++, JavaScript, Python,Java, Go). The CodeQL engine can now detect more sources of untrusted user data, which improves the quality and depth of the code scanning alerts. The libraries and frameworks that have been added and improved are listed below.


JavaScript and TypeScript




Support for these libraries and frameworks has been deployed to These improvements will also be available in GitHub Enterprise Server 3.1, which is due to be released in Q2.
Learn more about CodeQL and code scanning.

GitHub Enterprise Cloud enterprise owners may verify domains across their enterprise account and restrict the sending of email notifications to addresses within those domains. This feature expands upon the existing organization verified domains functionality, allowing the email notification restrictions to apply to specific organizations or the entire enterprise.

Learn more about enterprise verified domains.

See more