CodeQL is the static analysis engine that powers GitHub code scanning. CodeQL version 2.17.1 has been released and has now been rolled out to code scanning users on GitHub.com.
CodeQL code scanning now supports automatic fix suggestions for C# alerts on pull requests, powered by Copilot. This is automatically enabled for all private repositories for all GitHub Advanced Security customers. For the first time, autofix covers nearly all security queries for a language, with 49 supported queries for C# from our Default and Extended suites. Use our public discussion for questions and feedback.
Also included in this release:
- Over 13,000 new models have been added to improve Java coverage. The new models can result in alerts being both introduced and removed.
- Two new queries have been added for Ruby:
  - `rb/insecure-mass-assignment` detects instances of mass assignment operations accepting arbitrary parameters.
  - `rb/csrf-protection-not-enabled` detects cases where Cross-Site Request Forgery protection is not enabled in Ruby on Rails controllers.
- Results created using `PathGraph` now produce information about the models used for each flow step.
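To make the mass-assignment query concrete, here is an added example (not from the CodeQL release or its test suite) in plain Ruby without Rails: a model that accepts every key from request parameters, the pattern `rb/insecure-mass-assignment` flags, next to a strong-parameters style allow-list that resolves it. The `User` model, the `create_user_*` helpers and the request parameters are all constructed for illustration.

```ruby
# A minimal model standing in for an ActiveRecord class (constructed for this example).
class User
  attr_accessor :name, :email, :admin

  def initialize
    @admin = false # privileged flag that must never be set from a request
  end

  # Mirrors ActiveModel's assign_attributes: every key in the hash is written.
  def assign_attributes(attrs)
    attrs.each { |key, value| public_send("#{key}=", value) }
    self
  end
end

# Constructed request parameters as a Rails controller would see them: the client
# added an "admin" key that the signup form never offered.
REQUEST_PARAMS = {
  "user" => { "name" => "mallory", "email" => "m@example.test", "admin" => "true" }
}.freeze

# Insecure: the whole user sub-hash is handed to the model unfiltered, so the
# attacker-controlled "admin" key is written too. This is what the query reports.
def create_user_insecure(params)
  User.new.assign_attributes(params["user"])
end

# Strong-parameters style allow-list, the plain-Ruby equivalent of
# params.require(:user).permit(:name, :email) in a Rails controller.
def permitted_user_params(params, allowed = %w[name email])
  raise ArgumentError, "missing user parameters" unless params.key?("user")
  params["user"].select { |key, _| allowed.include?(key) }
end

# Hardened: only the permitted keys ever reach the model; "admin" is dropped.
def create_user_hardened(params)
  User.new.assign_attributes(permitted_user_params(params))
end

if __FILE__ == $PROGRAM_NAME
  puts "insecure admin=#{create_user_insecure(REQUEST_PARAMS).admin.inspect}"
  puts "hardened admin=#{create_user_hardened(REQUEST_PARAMS).admin.inspect}"
end
```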
For a full list of changes, please refer to the complete changelog for version 2.17.1. All new functionality will also be included in GHES 3.13. Users of GHES 3.12 or older can upgrade their CodeQL version.
