CodeQL is the static analysis engine behind GitHub code scanning, which identifies and remediates security issues in your code. We’ve recently released CodeQL 2.21.2, which now supports Swift 6.1.

With this release, projects built with Swift 6.1 can now be analyzed for security vulnerabilities.

The false positive rate for the query cs/web/missing-function-level-access-control has been reduced by improving the detection of authorization checks. Additionally, the true positive rate for the cs/invalid-string-formatting query has been increased by accounting for methods and additional overloads of existing format-like methods.

For a full list of changes, please refer to the complete changelog for version 2.21.2. Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.21.2 will also be included in GitHub Enterprise Server (GHES) 3.18 releases. If you’re using an older version of GHES, you can manually upgrade your CodeQL version.