CodeQL code scanning launches Ruby analysis support in GA

Last year, we launched Ruby analysis support in beta for GitHub code scanning. Today, we're announcing the general availability of this feature — covering even more vulnerabilities in Ruby code.

Ruby is one of the 10 most popular languages on GitHub today. In the past year alone, code scanning (powered by the CodeQL engine) helped Ruby developers resolve more than 4,000 security issues. Set up code scanning on your repositories today and receive actionable security alerts right on your pull requests.

Since shipping in beta, our Ruby analysis has more than doubled the number of Common Weakness Enumeration (CWE) categories that it can detect. A total of 30 rules check your code for a range of vulnerabilities, including cross-site scripting (XSS), regular expression denial-of-service (ReDoS), SQL injection, and more. Additional library and framework coverage for Ruby on Rails ensures that web service developers get even more precise results. We currently support all common Ruby versions, up to and including 3.1. Check out the documentation for more details on compatibility.

Ruby support is available by default in GitHub.com code scanning, the CodeQL CLI, and the CodeQL extension for VS Code. GitHub Enterprise Server (GHES) version 3.4 shipped with Ruby (beta) support, and GHES 3.8 will include this GA release.

Workflows using the ubuntu-latest runner label will soon run on Ubuntu-22.04.

Ubuntu 22.04 became generally available on GitHub-hosted runners in August 2022. Now Ubuntu-22.04 is ready to be the default version for the ubuntu-latest label in GitHub Actions workflows. This change will be rolled out over a period of 8 weeks beginning on October 1, 2022.

If you see any issues with your workflows when they are transitioned to Ubuntu-22.04:

  • File an issue in the runner-images repository
  • Switch back to Ubuntu 20.04 by specifying the ubuntu-20.04 runner label. We will continue to support Ubuntu 20.04.

Note that the image software on Ubuntu-20.04 and Ubuntu-22.04 differs in the pre-installed and default versions of some tools. See the full list.
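The two items above, enabling CodeQL Ruby analysis and controlling which Ubuntu image a job runs on, meet in a single workflow file. The following is an added example written for this page, not a workflow shipped by GitHub or taken from the changelog: it runs CodeQL code scanning for Ruby and pins the runner image explicitly instead of following the moving `ubuntu-latest` label, so the image only changes when the repository owner chooses. It assumes the default branch is named `main` and uses a constructed weekly schedule; the `languages`, `queries` and `category` inputs are real inputs of the `github/codeql-action` `init` and `analyze` steps.

```yaml
# Added example, not from the GitHub changelog: CodeQL code scanning for Ruby
# with an explicitly pinned runner image.
name: "CodeQL (Ruby)"

on:
  push:
    branches: [main]          # assumed default branch
  pull_request:
    branches: [main]
  schedule:
    - cron: "30 4 * * 1"      # constructed schedule: weekly scan on Mondays

jobs:
  analyze:
    name: Analyze Ruby
    # Pin the image rather than using ubuntu-latest, which is moving to 22.04
    # during the rollout. If a job breaks on the new image, change this line
    # to ubuntu-20.04, which remains supported.
    runs-on: ubuntu-22.04
    permissions:
      contents: read            # checkout only; no write access needed
      security-events: write    # required to upload results to code scanning
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ruby
          # Uncomment to run the broader suite in addition to the default rules:
          # queries: security-extended

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: "/language:ruby"
```

Keeping `runs-on` pinned means the image only changes when you edit the workflow, which makes a tooling regression easy to attribute; the trade-off is that you must bump the label yourself to pick up newer pre-installed tool versions. The `security-events: write` permission is the minimum the `analyze` step needs to publish alerts on pull requests.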


GitHub Enterprise Server 3.7 is now generally available. This release continues our trend of bringing new features to GitHub Enterprise Server (GHES) in record numbers. Beyond the numbers, the features in GHES 3.7 not only enable developers to build world class software every day, but also provide administrators with the tools needed to reliably run GitHub at scale.

We're making more than 70 features available, including:

  • Reusable workflows and new support for Google Cloud Storage, making it easier to build with GitHub Actions at scale.
  • Security Overview dashboard to give all security teams a single view of code risk.
  • An improved management console to keep your instance more secure than ever with automated user onboarding and offboarding.
  • New forking and repository policies, so adopting innersource best practices is easier, all while balancing auditability and project maintenance in the long term.
  • Code scanning alerts are now more collaborative and part of the flow for GitHub Advanced Security customers.

To learn more about GitHub Enterprise Server 3.7, read the release notes, and download it now.
