From d7e5c484437725a3be6ac185a01f347c3f14c0f2 Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Thu, 25 Jul 2024 08:53:12 -0700
Subject: [PATCH 01/11] Update CodeQL CLI manual (#51743)

---
 .../codeql-cli/codeql-cli-manual/bqrs-interpret.md | 7 +++++++
 .../codeql-cli/codeql-cli-manual/database-analyze.md | 7 +++++++
 .../codeql-cli-manual/database-interpret-results.md | 7 +++++++
 3 files changed, 21 insertions(+)

diff --git a/content/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret.md b/content/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret.md
index 0c93135268f2..68de0062e9cf 100644
--- a/content/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret.md
+++ b/content/code-security/codeql-cli/codeql-cli-manual/bqrs-interpret.md
@@ -121,6 +121,13 @@ This option has no effect when passed to [codeql bqrs interpret](/code-security/
 
 Available since `v2.15.2`.
 
+#### `--no-sarif-include-alert-provenance`
+
+\[Advanced] \[SARIF formats only] Do not include alert provenance
+information in the SARIF output.
+
+Available since `v2.18.1`.
+
 #### `--[no-]sarif-group-rules-by-pack`
 
 \[SARIF formats only] Place the rule object for each query under its
diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md
index 9745238f102e..41983a12459f 100644
--- a/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md
+++ b/content/code-security/codeql-cli/codeql-cli-manual/database-analyze.md
@@ -167,6 +167,13 @@ This option has no effect when passed to [codeql bqrs interpret](/code-security/
 
 Available since `v2.15.2`.
 
+#### `--no-sarif-include-alert-provenance`
+
+\[Advanced] \[SARIF formats only] Do not include alert provenance
+information in the SARIF output.
+
+Available since `v2.18.1`.
+
 #### `--[no-]sarif-group-rules-by-pack`
 
 \[SARIF formats only] Place the rule object for each query under its
diff --git a/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md b/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md
index 7779015b9a99..7375039caae3 100644
--- a/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md
+++ b/content/code-security/codeql-cli/codeql-cli-manual/database-interpret-results.md
@@ -129,6 +129,13 @@ This option has no effect when passed to [codeql bqrs interpret](/code-security/
 
 Available since `v2.15.2`.
 
+#### `--no-sarif-include-alert-provenance`
+
+\[Advanced] \[SARIF formats only] Do not include alert provenance
+information in the SARIF output.
+
+Available since `v2.18.1`.
+
 #### `--[no-]sarif-group-rules-by-pack`
 
 \[SARIF formats only] Place the rule object for each query under its

From 1086f7241666e9e0b84f4f83c6f12579a1bccba1 Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Thu, 25 Jul 2024 08:53:19 -0700
Subject: [PATCH 02/11] Update CodeQL query tables (#51744)

---
 .../code-scanning/codeql-query-tables/cpp.md | 4 +-
 .../codeql-query-tables/javascript.md | 2 +
 .../codeql-query-tables/swift.md | 58 +++++++++----------
 3 files changed, 33 insertions(+), 31 deletions(-)

diff --git a/data/reusables/code-scanning/codeql-query-tables/cpp.md b/data/reusables/code-scanning/codeql-query-tables/cpp.md
index bc664bbbb4b2..5107f1c5cc56 100644
--- a/data/reusables/code-scanning/codeql-query-tables/cpp.md
+++ b/data/reusables/code-scanning/codeql-query-tables/cpp.md
@@ -18,6 +18,7 @@ | [Failure to use HTTPS URLs](https://codeql.github.com/codeql-query-help/cpp/cpp-non-https-url/) | 319, 345 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [File opened with O_CREAT flag but without mode argument](https://codeql.github.com/codeql-query-help/cpp/cpp-open-call-with-mode-argument/) | 732 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Incorrect return-value check for a 'scanf'-like function](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrectly-checked-scanf/) | 253 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Iterator to expired container](https://codeql.github.com/codeql-query-help/cpp/cpp-iterator-to-expired-container/) | 416, 664 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Likely overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-very-likely-overrunning-write/) | 120, 787, 805 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Mismatching new/free or malloc/delete](https://codeql.github.com/codeql-query-help/cpp/cpp-new-free-mismatch/) | 401 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Multiplication result converted to larger type](https://codeql.github.com/codeql-query-help/cpp/cpp-integer-multiplication-cast-to-long/) | 190, 192, 197, 681 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | 
@@ -26,6 +27,7 @@ | [Potential double free](https://codeql.github.com/codeql-query-help/cpp/cpp-double-free/) | 415 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Potential use after free](https://codeql.github.com/codeql-query-help/cpp/cpp-use-after-free/) | 416 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Potentially overflowing call to snprintf](https://codeql.github.com/codeql-query-help/cpp/cpp-overflowing-snprintf/) | 190, 253 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Potentially unsafe call to strncat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strncat/) | 788, 676, 119, 251 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Redundant null check due to previous dereference](https://codeql.github.com/codeql-query-help/cpp/cpp-redundant-null-check-simple/) | 476 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Returning stack-allocated memory](https://codeql.github.com/codeql-query-help/cpp/cpp-return-stack-allocated-memory/) | 825 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Setting a DACL to NULL in a SECURITY_DESCRIPTOR](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-dacl-security-descriptor/) | 732 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | 
@@ -62,7 +64,6 @@ | [Incorrect 'not' operator usage](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-not-operator-usage/) | 480 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Incorrect allocation-error handling](https://codeql.github.com/codeql-query-help/cpp/cpp-incorrect-allocation-error-handling/) | 570, 252, 755 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Invalid pointer dereference](https://codeql.github.com/codeql-query-help/cpp/cpp-invalid-pointer-deref/) | 119, 125, 193, 787 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Iterator to expired container](https://codeql.github.com/codeql-query-help/cpp/cpp-iterator-to-expired-container/) | 416, 664 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Missing return-value check for a 'scanf'-like function](https://codeql.github.com/codeql-query-help/cpp/cpp-missing-check-scanf/) | 252, 253 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Non-constant format string](https://codeql.github.com/codeql-query-help/cpp/cpp-non-constant-format/) | 134 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Not enough memory allocated for array of pointer type](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-allocation-size/) | 131, 122 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | 
@@ -75,7 +76,6 @@ | [Potentially overrunning write](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Potentially overrunning write with float to string conversion](https://codeql.github.com/codeql-query-help/cpp/cpp-overrunning-write-with-float/) | 120, 787, 805 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Potentially uninitialized local variable](https://codeql.github.com/codeql-query-help/cpp/cpp-uninitialized-local/) | 665, 457 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Potentially unsafe call to strncat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strncat/) | 788, 676, 119, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Potentially unsafe use of strcat](https://codeql.github.com/codeql-query-help/cpp/cpp-unsafe-strcat/) | 676, 120, 251 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Suspicious 'sizeof' use](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-sizeof/) | 467 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Suspicious pointer scaling](https://codeql.github.com/codeql-query-help/cpp/cpp-suspicious-pointer-scaling/) | 468 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | 
diff --git a/data/reusables/code-scanning/codeql-query-tables/javascript.md b/data/reusables/code-scanning/codeql-query-tables/javascript.md
index 2684745bdc12..75229473e6dc 100644
--- a/data/reusables/code-scanning/codeql-query-tables/javascript.md
+++ b/data/reusables/code-scanning/codeql-query-tables/javascript.md
@@ -41,6 +41,7 @@ | [Incorrect suffix check](https://codeql.github.com/codeql-query-help/javascript/js-incorrect-suffix-check/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Inefficient regular expression](https://codeql.github.com/codeql-query-help/javascript/js-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Information exposure through a stack trace](https://codeql.github.com/codeql-query-help/javascript/js-stack-trace-exposure/) | 209, 497 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Insecure configuration of Helmet security middleware](https://codeql.github.com/codeql-query-help/javascript/js-insecure-helmet-configuration/) | 693, 1021 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Insecure randomness](https://codeql.github.com/codeql-query-help/javascript/js-insecure-randomness/) | 338 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Insecure URL whitelist](https://codeql.github.com/codeql-query-help/javascript/js-angular-insecure-url-whitelist/) | 183, 625 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [JWT missing secret or public key verification](https://codeql.github.com/codeql-query-help/javascript/js-jwt-missing-verification/) | 347 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | 
@@ -76,6 +77,7 @@ | [Unsafe HTML constructed from library input](https://codeql.github.com/codeql-query-help/javascript/js-html-constructed-from-input/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Unsafe jQuery plugin](https://codeql.github.com/codeql-query-help/javascript/js-unsafe-jquery-plugin/) | 079, 116 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Unsafe shell command constructed from library input](https://codeql.github.com/codeql-query-help/javascript/js-shell-command-constructed-from-input/) | 078, 088 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Untrusted domain used in script or other content](https://codeql.github.com/codeql-query-help/javascript/js-functionality-from-untrusted-domain/) | 830 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | | [Unvalidated dynamic method call](https://codeql.github.com/codeql-query-help/javascript/js-unvalidated-dynamic-method-call/) | 754 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Use of a broken or weak cryptographic algorithm](https://codeql.github.com/codeql-query-help/javascript/js-weak-cryptographic-algorithm/) | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | | [Use of a weak cryptographic key](https://codeql.github.com/codeql-query-help/javascript/js-insufficient-key-size/) | 326 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | 
diff --git a/data/reusables/code-scanning/codeql-query-tables/swift.md b/data/reusables/code-scanning/codeql-query-tables/swift.md
index cce0f99a6bac..0cfd21ca742f 100644
--- a/data/reusables/code-scanning/codeql-query-tables/swift.md
+++ b/data/reusables/code-scanning/codeql-query-tables/swift.md
@@ -1,33 +1,33 @@ {% rowheaders %} -| Query name | Related CWEs | Default | Extended | -| --- | --- | --- | --- | -| [Bad HTML filtering regexp](https://codeql.github.com/codeql-query-help/swift/swift-bad-tag-filter/) | 116, 020, 185, 186 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Cleartext logging of sensitive information](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-logging/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Cleartext storage of sensitive information in a local database](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-storage-database/) | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Cleartext storage of sensitive information in an application preference store](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-storage-preferences/) | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Cleartext transmission of sensitive information](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-transmission/) | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Constant password](https://codeql.github.com/codeql-query-help/swift/swift-constant-password/) | 259 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Encryption using ECB](https://codeql.github.com/codeql-query-help/swift/swift-ecb-encryption/) | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Hard-coded encryption 
key](https://codeql.github.com/codeql-query-help/swift/swift-hardcoded-key/) | 321 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Incomplete regular expression for hostnames](https://codeql.github.com/codeql-query-help/swift/swift-incomplete-hostname-regexp/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Inefficient regular expression](https://codeql.github.com/codeql-query-help/swift/swift-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Insecure TLS configuration](https://codeql.github.com/codeql-query-help/swift/swift-insecure-tls/) | 757 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Insufficient hash iterations](https://codeql.github.com/codeql-query-help/swift/swift-insufficient-hash-iterations/) | 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Missing regular expression anchor](https://codeql.github.com/codeql-query-help/swift/swift-missing-regexp-anchor/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Predicate built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-predicate-injection/) | 943 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Regular expression injection](https://codeql.github.com/codeql-query-help/swift/swift-regex-injection/) | 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Resolving XML external entity in user-controlled data](https://codeql.github.com/codeql-query-help/swift/swift-xxe/) | 611, 776, 827 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Static initialization vector for 
encryption](https://codeql.github.com/codeql-query-help/swift/swift-static-initialization-vector/) | 329, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [String length conflation](https://codeql.github.com/codeql-query-help/swift/swift-string-length-conflation/) | 135 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [System command built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-command-line-injection/) | 078, 088 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/swift/swift-path-injection/) | 022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Uncontrolled format string](https://codeql.github.com/codeql-query-help/swift/swift-uncontrolled-format-string/) | 134 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Unsafe WebView fetch](https://codeql.github.com/codeql-query-help/swift/swift-unsafe-webview-fetch/) | 079, 095, 749 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Use of a broken or weak cryptographic hashing algorithm on sensitive data](https://codeql.github.com/codeql-query-help/swift/swift-weak-sensitive-data-hashing/) | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Use of an inappropriate cryptographic hashing algorithm on passwords](https://codeql.github.com/codeql-query-help/swift/swift-weak-password-hashing/) | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [Use of constant salts](https://codeql.github.com/codeql-query-help/swift/swift-constant-salt/) | 760 | {% octicon "check" 
aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | -| [JavaScript Injection](https://codeql.github.com/codeql-query-help/swift/swift-unsafe-js-eval/) | 094, 095, 749 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | +| Query name | Related CWEs | Default | Extended | Autofix | +| --- | --- | --- | --- | --- | +| [Bad HTML filtering regexp](https://codeql.github.com/codeql-query-help/swift/swift-bad-tag-filter/) | 116, 020, 185, 186 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Cleartext logging of sensitive information](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-logging/) | 312, 359, 532 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Cleartext storage of sensitive information in a local database](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-storage-database/) | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Cleartext storage of sensitive information in an application preference store](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-storage-preferences/) | 312 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Cleartext transmission of sensitive information](https://codeql.github.com/codeql-query-help/swift/swift-cleartext-transmission/) | 319 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Constant password](https://codeql.github.com/codeql-query-help/swift/swift-constant-password/) | 259 | {% octicon "check" aria-label="Included" %} | {% octicon "check" 
aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Database query built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-sql-injection/) | 089 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Encryption using ECB](https://codeql.github.com/codeql-query-help/swift/swift-ecb-encryption/) | 327 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Hard-coded encryption key](https://codeql.github.com/codeql-query-help/swift/swift-hardcoded-key/) | 321 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Incomplete regular expression for hostnames](https://codeql.github.com/codeql-query-help/swift/swift-incomplete-hostname-regexp/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Inefficient regular expression](https://codeql.github.com/codeql-query-help/swift/swift-redos/) | 1333, 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "x" aria-label="Not included" %} | +| [Insecure TLS configuration](https://codeql.github.com/codeql-query-help/swift/swift-insecure-tls/) | 757 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Insufficient hash iterations](https://codeql.github.com/codeql-query-help/swift/swift-insufficient-hash-iterations/) | 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Missing regular expression 
anchor](https://codeql.github.com/codeql-query-help/swift/swift-missing-regexp-anchor/) | 020 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Predicate built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-predicate-injection/) | 943 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Regular expression injection](https://codeql.github.com/codeql-query-help/swift/swift-regex-injection/) | 730, 400 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Resolving XML external entity in user-controlled data](https://codeql.github.com/codeql-query-help/swift/swift-xxe/) | 611, 776, 827 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Static initialization vector for encryption](https://codeql.github.com/codeql-query-help/swift/swift-static-initialization-vector/) | 329, 1204 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [String length conflation](https://codeql.github.com/codeql-query-help/swift/swift-string-length-conflation/) | 135 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [System command built from user-controlled sources](https://codeql.github.com/codeql-query-help/swift/swift-command-line-injection/) | 078, 088 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Uncontrolled data used in path expression](https://codeql.github.com/codeql-query-help/swift/swift-path-injection/) | 
022, 023, 036, 073, 099 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Uncontrolled format string](https://codeql.github.com/codeql-query-help/swift/swift-uncontrolled-format-string/) | 134 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Unsafe WebView fetch](https://codeql.github.com/codeql-query-help/swift/swift-unsafe-webview-fetch/) | 079, 095, 749 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Use of a broken or weak cryptographic hashing algorithm on sensitive data](https://codeql.github.com/codeql-query-help/swift/swift-weak-sensitive-data-hashing/) | 327, 328 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Use of an inappropriate cryptographic hashing algorithm on passwords](https://codeql.github.com/codeql-query-help/swift/swift-weak-password-hashing/) | 327, 328, 916 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [Use of constant salts](https://codeql.github.com/codeql-query-help/swift/swift-constant-salt/) | 760 | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | +| [JavaScript Injection](https://codeql.github.com/codeql-query-help/swift/swift-unsafe-js-eval/) | 094, 095, 749 | {% octicon "x" aria-label="Not included" %} | {% octicon "check" aria-label="Included" %} | {% octicon "check" aria-label="Included" %} | {% endrowheaders %} From 7859093edd0fe63d3f993177af09f18674a1f471 Mon Sep 17 00:00:00 2001 
From: Ashish Keshan
Date: Thu, 25 Jul 2024 09:34:22 -0700
Subject: [PATCH 03/11] Bump liquidjs to 10.16.1 (#51788)

---
 package-lock.json | 8 ++++----
 package.json | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index aa7ee834e831..1b2008de2659 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -57,7 +57,7 @@
 "javascript-stringify": "^2.1.0",
 "js-cookie": "^3.0.1",
 "js-yaml": "^4.1.0",
- "liquidjs": "^10.14.0",
+ "liquidjs": "^10.16.1",
 "lodash": "^4.17.21",
 "lodash-es": "^4.17.21",
 "lowdb": "7.0.1",
@@ -9037,9 +9037,9 @@
 }
 },
 "node_modules/liquidjs": {
- "version": "10.14.0",
- "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.14.0.tgz",
- "integrity": "sha512-Zjg35Yo3L/2aNy7QkICha/ulbXRtZS7oRenWyDDfw+J34Xy3fOKWWHxASC9r0gbxN661nrwmG/kOIKHfYcVk4Q==",
+ "version": "10.16.1",
+ "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.16.1.tgz",
+ "integrity": "sha512-1JFL/Y7ONoajrfwav37yuz5yQHU3+Pgz1XWsg9E/2T8Fp65KalNfMF8QZ3+tNETqGUIB66waOSLOi64niYZE9A==",
 "dependencies": {
 "commander": "^10.0.0"
 },
diff --git a/package.json b/package.json
index 37d804e78831..95548ae3e8a5 100644
--- a/package.json
+++ b/package.json
@@ -273,7 +273,7 @@
 "javascript-stringify": "^2.1.0",
 "js-cookie": "^3.0.1",
 "js-yaml": "^4.1.0",
- "liquidjs": "^10.14.0",
+ "liquidjs": "^10.16.1",
 "lodash": "^4.17.21",
 "lodash-es": "^4.17.21",
 "lowdb": "7.0.1",

From f468ded5996d7a6aa7d6e63df9b2e7c61c06cd30 Mon Sep 17 00:00:00 2001
From: docs-bot <77750099+docs-bot@users.noreply.github.com>
Date: Thu, 25 Jul 2024 09:34:38 -0700
Subject: [PATCH 04/11] Update audit log event data (#51792)

---
 src/audit-logs/lib/config.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/audit-logs/lib/config.json b/src/audit-logs/lib/config.json
index 57c5ecdc8493..0b360b762faf 100644
--- a/src/audit-logs/lib/config.json
+++ b/src/audit-logs/lib/config.json
@@ -3,5 +3,5 @@
 "apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
 "apiRequestEvent": "This event is only available via audit log streaming."
 },
- "sha": "f271371294d09bfaaff89f4a043ed51243be415c"
+ "sha": "e963c4e55388351f75020df4baa4a15f21fb044b"
 }
\ No newline at end of file
From 3e55c864569b0f8bcb8b696c5900396b7cb22200 Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Thu, 25 Jul 2024 09:34:41 -0700 Subject: [PATCH 05/11] GraphQL schema update (#51791) Co-authored-by: rachmari <9831992+rachmari@users.noreply.github.com> --- src/graphql/data/fpt/changelog.json | 16 ++++++++++++ src/graphql/data/fpt/schema.docs.graphql | 20 ++++++++++++++ src/graphql/data/fpt/schema.json | 32 +++++++++++++++++++++++ src/graphql/data/ghec/schema.docs.graphql | 20 ++++++++++++++ src/graphql/data/ghec/schema.json | 32 +++++++++++++++++++++++ 5 files changed, 120 insertions(+)
diff --git a/src/graphql/data/fpt/changelog.json b/src/graphql/data/fpt/changelog.json
index 2d4d05e845c6..2b6bcb1d8a92 100644
--- a/src/graphql/data/fpt/changelog.json
+++ b/src/graphql/data/fpt/changelog.json
@@ -1,4 +1,20 @@
 [
+ {
+ "schemaChanges": [
+ {
+ "title": "The GraphQL schema includes these changes:",
+ "changes": [
+ "

Field doNotEnforceOnCreate was added to object type RequiredStatusChecksParameters

", + "

Input field doNotEnforceOnCreate of type Boolean was added to input object type RequiredStatusChecksParametersInput

", + "

Field doNotEnforceOnCreate was added to object type WorkflowsParameters

", + "

Input field doNotEnforceOnCreate of type Boolean was added to input object type WorkflowsParametersInput

" + ] + } + ], + "previewChanges": [], + "upcomingChanges": [], + "date": "2024-07-25" + }, { "schemaChanges": [ { diff --git a/src/graphql/data/fpt/schema.docs.graphql b/src/graphql/data/fpt/schema.docs.graphql index 7cd9e601d413..dfc225027bc7 100644 --- a/src/graphql/data/fpt/schema.docs.graphql +++ b/src/graphql/data/fpt/schema.docs.graphql @@ -48823,6 +48823,11 @@ Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass. """ type RequiredStatusChecksParameters { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean! + """ Status checks that are required. """ @@ -48841,6 +48846,11 @@ Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass. """ input RequiredStatusChecksParametersInput { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean + """ Status checks that are required. """ @@ -63696,6 +63706,11 @@ enum WorkflowState { Require all changes made to a targeted branch to pass the specified workflows before they can be merged. """ type WorkflowsParameters { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean! + """ Workflows that must pass for this rule to pass. """ @@ -63706,6 +63721,11 @@ type WorkflowsParameters { Require all changes made to a targeted branch to pass the specified workflows before they can be merged. """ input WorkflowsParametersInput { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean + """ Workflows that must pass for this rule to pass. """ 
diff --git a/src/graphql/data/fpt/schema.json b/src/graphql/data/fpt/schema.json
index f56b7c2071e3..f9555aa5a66d 100644
--- a/src/graphql/data/fpt/schema.json
+++ b/src/graphql/data/fpt/schema.json
@@ -65784,6 +65784,14 @@
 "href": "/graphql/reference/objects#requiredstatuschecksparameters",
 "description": "

Choose which status checks must pass before the ref is updated. When enabled,\ncommits must first be pushed to another ref where the checks pass.

", "fields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean!", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "requiredStatusChecks", "description": "

Status checks that are required.

", @@ -79152,6 +79160,14 @@ "href": "/graphql/reference/objects#workflowsparameters", "description": "

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

", "fields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean!", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "workflows", "description": "

Workflows that must pass for this rule to pass.

", @@ -100516,6 +100532,14 @@ "href": "/graphql/reference/input-objects#requiredstatuschecksparametersinput", "description": "

Choose which status checks must pass before the ref is updated. When enabled,\ncommits must first be pushed to another ref where the checks pass.

", "inputFields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "requiredStatusChecks", "description": "

Status checks that are required.

", @@ -105491,6 +105515,14 @@ "href": "/graphql/reference/input-objects#workflowsparametersinput", "description": "

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

", "inputFields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "workflows", "description": "

Workflows that must pass for this rule to pass.

", diff --git a/src/graphql/data/ghec/schema.docs.graphql b/src/graphql/data/ghec/schema.docs.graphql index 7cd9e601d413..dfc225027bc7 100644 --- a/src/graphql/data/ghec/schema.docs.graphql +++ b/src/graphql/data/ghec/schema.docs.graphql @@ -48823,6 +48823,11 @@ Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass. """ type RequiredStatusChecksParameters { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean! + """ Status checks that are required. """ @@ -48841,6 +48846,11 @@ Choose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass. """ input RequiredStatusChecksParametersInput { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean + """ Status checks that are required. """ @@ -63696,6 +63706,11 @@ enum WorkflowState { Require all changes made to a targeted branch to pass the specified workflows before they can be merged. """ type WorkflowsParameters { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean! + """ Workflows that must pass for this rule to pass. """ @@ -63706,6 +63721,11 @@ type WorkflowsParameters { Require all changes made to a targeted branch to pass the specified workflows before they can be merged. """ input WorkflowsParametersInput { + """ + Allow repositories and branches to be created if a check would otherwise prohibit it. + """ + doNotEnforceOnCreate: Boolean + """ Workflows that must pass for this rule to pass. """ diff --git a/src/graphql/data/ghec/schema.json b/src/graphql/data/ghec/schema.json index f56b7c2071e3..f9555aa5a66d 100644 --- a/src/graphql/data/ghec/schema.json +++ b/src/graphql/data/ghec/schema.json 
@@ -65784,6 +65784,14 @@
 "href": "/graphql/reference/objects#requiredstatuschecksparameters",
 "description": "

Choose which status checks must pass before the ref is updated. When enabled,\ncommits must first be pushed to another ref where the checks pass.

", "fields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean!", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "requiredStatusChecks", "description": "

Status checks that are required.

", @@ -79152,6 +79160,14 @@ "href": "/graphql/reference/objects#workflowsparameters", "description": "

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

", "fields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean!", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "workflows", "description": "

Workflows that must pass for this rule to pass.

", @@ -100516,6 +100532,14 @@ "href": "/graphql/reference/input-objects#requiredstatuschecksparametersinput", "description": "

Choose which status checks must pass before the ref is updated. When enabled,\ncommits must first be pushed to another ref where the checks pass.

", "inputFields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "requiredStatusChecks", "description": "

Status checks that are required.

", @@ -105491,6 +105515,14 @@ "href": "/graphql/reference/input-objects#workflowsparametersinput", "description": "

Require all changes made to a targeted branch to pass the specified workflows before they can be merged.

", "inputFields": [ + { + "name": "doNotEnforceOnCreate", + "description": "

Allow repositories and branches to be created if a check would otherwise prohibit it.

", + "type": "Boolean", + "id": "boolean", + "kind": "scalars", + "href": "/graphql/reference/scalars#boolean" + }, { "name": "workflows", "description": "

Workflows that must pass for this rule to pass.

", From d1f5623ff9eb8e0ad595bf64f1cd2b999aa5b8f9 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Thu, 25 Jul 2024 17:36:37 +0100 Subject: [PATCH 06/11] Minor changes for the GA of Kotlin and Swift (#51639) --- ...ql-code-scanning-for-compiled-languages.md | 21 +++++-------------- ...g-your-advanced-setup-for-code-scanning.md | 3 --- .../java-kotlin-built-in-queries.md | 2 -- .../swift-built-in-queries.md | 2 -- .../kotlin-detected-in-no-build.md | 6 +++--- .../customizing-analysis-with-codeql-packs.md | 4 ++-- ...preparing-your-code-for-codeql-analysis.md | 7 +------ .../github-language-support.md | 2 -- data/features/codeql-kotlin-beta.yml | 3 +++ data/features/codeql-swift-beta.yml | 3 ++- .../alerts-found-in-generated-code.md | 2 +- .../beta-kotlin-or-swift-support.md | 19 ----------------- .../code-scanning/beta-kotlin-support.md | 9 -------- .../code-scanning/beta-swift-support.md | 8 ------- .../codeql-language-identifiers-table.md | 6 +----- .../code-scanning/codeql-languages-bullets.md | 10 +++------ .../codeql-languages-keywords.md | 2 +- data/variables/code-scanning.yml | 2 +- 18 files changed, 23 insertions(+), 88 deletions(-) delete mode 100644 data/reusables/code-scanning/beta-kotlin-or-swift-support.md delete mode 100644 data/reusables/code-scanning/beta-kotlin-support.md delete mode 100644 data/reusables/code-scanning/beta-swift-support.md diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md index 0e26c828b509..fda9e4d7f894 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages.md 
@@ -133,7 +133,7 @@ Creating a {% data variables.product.prodname_codeql %} database without a build To use `autobuild` or manual build steps, you can use advanced setup. ->[!NOTE] For Java analysis, if `build-mode` is set to `none` and Kotlin code is found in the repository, the Kotlin code will not be analyzed and a warning will be produced. See {% ifversion codeql-kotlin-beta %}"[Building Java and Kotlin](#building-java--and-kotlin)"{% else %}"[Building Java](#building-java)"{% endif %}. +>[!NOTE] For Java analysis, if `build-mode` is set to `none` and Kotlin code is found in the repository, the Kotlin code will not be analyzed and a warning will be produced. See "[Building Java and Kotlin](#building-java-and-kotlin)." {% endif %} @@ -269,10 +269,9 @@ If you added manual build steps for compiled languages and {% data variables.pro * [Building C/C++](#building-cc) * [Building C#](#building-c){% ifversion codeql-go-autobuild %} -* [Building Go](#building-go){% endif %}{% ifversion codeql-kotlin-beta %} -* [Building Java and Kotlin](#building-java--and-kotlin){% else %} -* [Building Java](#building-java){% endif %}{% ifversion codeql-swift-beta %} -* [Building Swift](#building-swift){% endif %} +* [Building Go](#building-go){% endif %} +* [Building Java and Kotlin](#building-java-and-kotlin) +* [Building Swift](#building-swift) {% note %} @@ -433,7 +432,7 @@ The `autobuild` process attempts to autodetect a suitable way to install the dep {% endif %} -## Building Java {% ifversion codeql-kotlin-beta %} and Kotlin {% endif %} +## Building Java and Kotlin {% ifversion codeql-no-build %}{% data variables.product.prodname_codeql %} supports the following build modes. 
@@ -488,8 +487,6 @@ You will also need to install the build system (for example `make`, `cmake`, `ba Windows runners require `powershell.exe` to be on the `PATH`. -{% ifversion codeql-swift-beta %} - ## Building Swift {% ifversion codeql-no-build %}{% data variables.product.prodname_codeql %} supports build modes `autobuild` or `manual` for Swift code. @@ -503,12 +500,6 @@ Windows runners require `powershell.exe` to be on the `PATH`. The `autobuild` process tries to build the biggest target from an Xcode project or workspace. -{% endif %} - -{% ifversion codeql-swift-beta %} - -{% data reusables.code-scanning.beta-swift-support %} - Code scanning of Swift code uses macOS runners by default. {% ifversion fpt or ghec %}Since {% data variables.product.company_short %}-hosted macOS runners are more expensive than Linux and Windows runners, we recommend that you build only the code that you want to analyze. For more information about pricing for {% data variables.product.company_short %}-hosted runners, see "[AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions)."{% endif %} {% data reusables.code-scanning.default-setup-swift-self-hosted-runners %} @@ -520,5 +511,3 @@ Code scanning of Swift code uses macOS runners by default. {% ifversion fpt or g You can pass the `archive` and `test` options to `xcodebuild`. However, the standard `xcodebuild` command is recommended as it should be the fastest, and should be all that {% data variables.product.prodname_codeql %} requires for a successful scan. For Swift analysis, you must always explicitly install dependencies managed via CocoaPods or Carthage before generating the {% data variables.product.prodname_codeql %} database. - -{% endif %} 
diff --git a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md index 467764625794..5700c280e211 100644 --- a/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md +++ b/content/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.md @@ -143,7 +143,6 @@ This workflow scans: ## Specifying an operating system -{% ifversion codeql-swift-beta %} {% note %} **Notes**: @@ -154,8 +153,6 @@ This workflow scans: {% endnote %} -{% endif %} - If your code requires a specific operating system to compile, you can configure the operating system in your {% data variables.code-scanning.codeql_workflow %}. Edit the value of `jobs.analyze.runs-on` to specify the operating system for the machine that runs your {% data variables.product.prodname_code_scanning %} actions. {% ifversion ghes %}You specify the operating system by using an appropriate label as the second element in a two-element array, after `self-hosted`.{% else %} ``` yaml copy diff --git a/content/code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries.md b/content/code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries.md index e039a876d47e..a5bfd969a846 100644 --- a/content/code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries.md +++ b/content/code-security/code-scanning/managing-your-code-scanning-configuration/java-kotlin-built-in-queries.md 
@@ -16,8 +16,6 @@ topics: {% data variables.product.prodname_codeql %} includes many queries for analyzing Java and Kotlin code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %} -{% data reusables.code-scanning.beta-kotlin-support %} - ## Built-in queries for Java and Kotlin analysis {% data reusables.code-scanning.codeql-query-tables.codeql-version-info %} diff --git a/content/code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries.md b/content/code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries.md index ba9b9faa3152..cae02ea131b2 100644 --- a/content/code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries.md +++ b/content/code-security/code-scanning/managing-your-code-scanning-configuration/swift-built-in-queries.md @@ -16,8 +16,6 @@ topics: {% data variables.product.prodname_codeql %} includes many queries for analyzing Swift code. {% data reusables.code-scanning.codeql-query-tables.query-suite-behavior %} -{% data reusables.code-scanning.beta-swift-support %} - ## Built-in queries for Swift analysis {% data reusables.code-scanning.codeql-query-tables.codeql-version-info %} diff --git a/content/code-security/code-scanning/troubleshooting-code-scanning/kotlin-detected-in-no-build.md b/content/code-security/code-scanning/troubleshooting-code-scanning/kotlin-detected-in-no-build.md index d803e3d04463..a3d82647c45e 100644 --- a/content/code-security/code-scanning/troubleshooting-code-scanning/kotlin-detected-in-no-build.md +++ b/content/code-security/code-scanning/troubleshooting-code-scanning/kotlin-detected-in-no-build.md 
@@ -40,13 +40,13 @@ If you want to update the analysis to also include Kotlin files, then {% data va 1. Wait until the Kotlin code is merged into the default branch for the repository. 1. Disable and then re-enable default setup on the "Settings" page for your repository. -This will trigger a new analysis using automatic build detection. See "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)" and "[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java--and-kotlin)." +This will trigger a new analysis using automatic build detection. See "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)" and "[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java-and-kotlin)." If the automatic build detection fails, you will need to use advanced setup with the correct build commands for the project to analyze both languages. ### {% data variables.product.prodname_code_scanning_caps %} advanced setup -If you already use advanced setup, you can edit the {% data variables.product.prodname_codeql %} workflow and change the build mode for `java-kotlin` from `none` to either `autobuild` to automatically build your project, or `manual` to specify your own build steps. "[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java--and-kotlin)." +If you already use advanced setup, you can edit the {% data variables.product.prodname_codeql %} workflow and change the build mode for `java-kotlin` from `none` to either `autobuild` to automatically build your project, or `manual` to specify your own build steps. 
"[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java-and-kotlin)." If you need to convert from default setup to advanced setup, you need enable advanced setup on the on the "Settings" page for your repository and create a {% data variables.product.prodname_codeql %} workflow. Then you can define a `manual` build mode for `java-kotlin` and define the build commands for the project. @@ -57,6 +57,6 @@ Update your calls to run the {% data variables.product.prodname_codeql_cli %} fo ## Further reading * "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning)" -* "[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java--and-kotlin){% ifversion codeql-no-build %} +* "[Building Java and Kotlin](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#building-java-and-kotlin){% ifversion codeql-no-build %} * "[CodeQL build modes](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes)"{% elsif ghes %} * "[Adding build steps for a compiled language](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#adding-build-steps-for-a-compiled-language)"{% endif %} diff --git a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md index 488cf09e4687..aaaaafa3b33a 100644 --- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md 
+++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/customizing-analysis-with-codeql-packs.md @@ -38,8 +38,8 @@ The standard {% data variables.product.prodname_codeql %} packs for all supporte * `codeql/java-queries` * `codeql/javascript-queries` * `codeql/python-queries` - * `codeql/ruby-queries` {% ifversion codeql-swift-beta %} - * `codeql/swift-queries` {% endif %} + * `codeql/ruby-queries` + * `codeql/swift-queries` You can also use the {% data variables.product.prodname_codeql_cli %} to create your own {% data variables.product.prodname_codeql %} packs, add dependencies to packs, and install or update dependencies. For more information, see "[AUTOTITLE](/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/creating-and-working-with-codeql-packs#creating-and-working-with-codeql-packs)." diff --git a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md index 48c977655b73..727599cb8238 100644 --- a/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md +++ b/content/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis.md @@ -56,8 +56,6 @@ You must specify: {% data reusables.code-scanning.codeql-language-identifiers-table %} - {% data reusables.code-scanning.beta-kotlin-or-swift-support %} - If your codebase has a build command or script that invokes the build process, we recommend that you specify it as well: ```shell 
@@ -75,7 +73,7 @@ You can specify additional options depending on the location of your source file | {% ifversion codeql-language-identifiers-311 %} | | --language | {% octicon "check" aria-label="Required" %} | Specify the identifier for the language to create a database for, one of: {% data reusables.code-scanning.codeql-languages-keywords %}. When used with --db-cluster, the option accepts a comma-separated list, or can be specified more than once. | | {% else %} | -| --language | {% octicon "check" aria-label="Required" %} | Specify the identifier for the language to create a database for, one of: {% data reusables.code-scanning.codeql-languages-keywords %} (use `javascript` to analyze TypeScript code {% ifversion codeql-kotlin-beta %} and `java` to analyze Kotlin code{% endif %}). When used with --db-cluster, the option accepts a comma-separated list, or can be specified more than once. | +| --language | {% octicon "check" aria-label="Required" %} | Specify the identifier for the language to create a database for, one of: {% data reusables.code-scanning.codeql-languages-keywords %} (use `javascript` to analyze TypeScript code and `java` to analyze Kotlin code). When used with --db-cluster, the option accepts a comma-separated list, or can be specified more than once. | | {% endif %} | | --command | {% octicon "x" aria-label="Optional" %} | **Recommended.** Use to specify the build command or script that invokes the build process for the codebase. Commands are run from the current folder or, where it is defined, from --source-root. Not needed for Python and JavaScript/TypeScript analysis. | | {% ifversion codeql-no-build %} | 
@@ -286,7 +284,6 @@ The following examples are designed to give you an idea of some of the build com codeql database create java-database --language={% ifversion codeql-language-identifiers-311 %}java-kotlin{% else %}java{% endif %} --command='ant -f build.xml' ``` -{% ifversion codeql-swift-beta %} * Swift project built from an Xcode project or workspace. By default, the largest Swift target is built: It's a good idea to ensure that the project is in a clean state and that there are no build artefacts available. @@ -316,8 +313,6 @@ The following examples are designed to give you an idea of some of the build com codeql database create -l swift -c "./scripts/build.sh" swift-database ``` -{% endif %} - * Project built using Bazel: ```shell diff --git a/content/get-started/learning-about-github/github-language-support.md b/content/get-started/learning-about-github/github-language-support.md index dc95e19f1a69..23ea1d277cfb 100644 --- a/content/get-started/learning-about-github/github-language-support.md +++ b/content/get-started/learning-about-github/github-language-support.md @@ -37,9 +37,7 @@ Some features are supported for additional languages or package managers. If you {% data reusables.supported-languages.ruby %} {% data reusables.supported-languages.rust %} {% data reusables.supported-languages.scala %} -{%- ifversion codeql-swift-beta or supply-chain-features-swift-support %} {% data reusables.supported-languages.swift %} -{%- endif %} {% data reusables.supported-languages.typescript %} {% note %} diff --git a/data/features/codeql-kotlin-beta.yml b/data/features/codeql-kotlin-beta.yml index 47cd2bcc8a7c..27d98ca79cb6 100644 --- a/data/features/codeql-kotlin-beta.yml +++ b/data/features/codeql-kotlin-beta.yml @@ -1,3 +1,6 @@ +# Reference: #2703 and #15120 +# 2024-07-17 GA + versions: fpt: '*' ghec: '*' diff --git a/data/features/codeql-swift-beta.yml b/data/features/codeql-swift-beta.yml index 1ce4c2ad51c5..061d1e9890e4 100644 
--- a/data/features/codeql-swift-beta.yml +++ b/data/features/codeql-swift-beta.yml @@ -1,5 +1,6 @@ -# Reference: #10251. +# Reference: #10251 and #15120 # [2023-06-01] Swift support for code scanning users (GitHub docs site) [Public beta] +# 2024-07-17 GA versions: fpt: '*' ghec: '*' diff --git a/data/reusables/code-scanning/alerts-found-in-generated-code.md b/data/reusables/code-scanning/alerts-found-in-generated-code.md index 71a2bf2180c4..904988afb82f 100644 --- a/data/reusables/code-scanning/alerts-found-in-generated-code.md +++ b/data/reusables/code-scanning/alerts-found-in-generated-code.md 
@@ -1,3 +1,3 @@ -For compiled languages like Java,{% ifversion codeql-kotlin-beta %} Kotlin, {% endif %}{% ifversion codeql-go-autobuild %} Go,{% endif %} C, C++, and C#, {% data variables.product.prodname_codeql %} analyzes all of the code which was built during the workflow run. To limit the amount of code being analyzed, build only the code which you wish to analyze by specifying your own build steps in a `run` block. You can combine specifying your own build steps with using the `paths` or `paths-ignore` filters on the `pull_request` and `push` events to ensure that your workflow only runs when specific code is changed. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)." +For compiled languages like Java, Kotlin, {% ifversion codeql-go-autobuild %} Go,{% endif %} C, C++, and C#, {% data variables.product.prodname_codeql %} analyzes all of the code which was built during the workflow run. To limit the amount of code being analyzed, build only the code which you wish to analyze by specifying your own build steps in a `run` block. You can combine specifying your own build steps with using the `paths` or `paths-ignore` filters on the `pull_request` and `push` events to ensure that your workflow only runs when specific code is changed. For more information, see "[AUTOTITLE](/actions/using-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore)." For languages like{% ifversion codeql-go-autobuild %}{% else %} Go,{% endif %} JavaScript, Python, and TypeScript, that {% data variables.product.prodname_codeql %} analyzes without compiling the source code, you can specify additional configuration options to limit the amount of code to analyze. 
For more information, see "[AUTOTITLE](/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan)." diff --git a/data/reusables/code-scanning/beta-kotlin-or-swift-support.md b/data/reusables/code-scanning/beta-kotlin-or-swift-support.md deleted file mode 100644 index b440bd2b76bb..000000000000 --- a/data/reusables/code-scanning/beta-kotlin-or-swift-support.md +++ /dev/null @@ -1,19 +0,0 @@ -{% ifversion codeql-swift-beta and codeql-kotlin-beta %} - {% note %} - - **Note:** {% data variables.product.prodname_codeql %} analysis for Kotlin and Swift is currently in beta. During the beta, analysis of Kotlin and Swift code, and the accompanying documentation, will not be as comprehensive as for other languages. Additionally, Swift 5.9 is not yet supported. - - {% endnote %} -{% elsif codeql-swift-beta %} - {% note %} - - **Note:** {% data variables.product.prodname_codeql %} analysis for Swift is currently in beta. During the beta, analysis of Swift code, and the accompanying documentation, will not be as comprehensive as for other languages. Additionally, Swift 5.8 is not yet supported. - - {% endnote %} -{% elsif codeql-kotlin-beta %} - {% note %} - - **Note:** {% data variables.product.prodname_codeql %} analysis for Kotlin is currently in beta. During the beta, analysis of Kotlin code, and the accompanying documentation, will not be as comprehensive as for other languages. - - {% endnote %} -{% endif %} diff --git a/data/reusables/code-scanning/beta-kotlin-support.md b/data/reusables/code-scanning/beta-kotlin-support.md deleted file mode 100644 index db54caba63ca..000000000000 --- a/data/reusables/code-scanning/beta-kotlin-support.md +++ /dev/null 
@@ -1,9 +0,0 @@
-{% ifversion codeql-kotlin-beta %}
-
-{% note %}
-
-**Note**: {% data variables.product.prodname_codeql %} analysis for Kotlin is currently in beta. During the beta, analysis of Kotlin will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages.
-
-{% endnote %}
-
-{% endif %}
diff --git a/data/reusables/code-scanning/beta-swift-support.md b/data/reusables/code-scanning/beta-swift-support.md
deleted file mode 100644
index 4e6cc5cf1332..000000000000
--- a/data/reusables/code-scanning/beta-swift-support.md
+++ /dev/null
@@ -1,8 +0,0 @@
-{% ifversion codeql-swift-beta %}
-{% note %}
-
-**Notes:**
-* {% data variables.product.prodname_codeql %} analysis for Swift is currently in beta. During the beta, analysis of Swift code, and the accompanying documentation, will not be as comprehensive as for other languages.
-
-{% endnote %}
-{% endif %}
diff --git a/data/reusables/code-scanning/codeql-language-identifiers-table.md b/data/reusables/code-scanning/codeql-language-identifiers-table.md
index 8def181409ff..e9d7951b1b38 100644
--- a/data/reusables/code-scanning/codeql-language-identifiers-table.md
+++ b/data/reusables/code-scanning/codeql-language-identifiers-table.md
@@ -9,9 +9,7 @@
 | JavaScript/TypeScript | `javascript-typescript` | `javascript` or `typescript` | | Python | `python` | | Ruby | `ruby`
-{%- ifversion codeql-swift-beta %}
 | Swift | `swift`
-{%- endif %}
 {% note %}
@@ -26,12 +24,10 @@
 | C/C++ | `cpp` | C# | `csharp` | Go | `go`
-| Java{% ifversion codeql-kotlin-beta %}/Kotlin{% endif %} | `java`
+| Java/Kotlin | `java`
 | JavaScript/TypeScript | `javascript` | Python | `python` | Ruby | `ruby`
-{%- ifversion codeql-swift-beta %}
 | Swift | `swift`
-{%- endif %}
 {% endif %}
diff --git a/data/reusables/code-scanning/codeql-languages-bullets.md b/data/reusables/code-scanning/codeql-languages-bullets.md
index 866b73507612..a18f355da740 100644
--- a/data/reusables/code-scanning/codeql-languages-bullets.md
+++ b/data/reusables/code-scanning/codeql-languages-bullets.md
@@ -2,21 +2,17 @@
 * C/C++
 * C#
 * Go
-* Java{% ifversion codeql-kotlin-beta %}/Kotlin{% endif %}
+* Java/Kotlin
 * JavaScript/TypeScript
 * Python
 * Ruby
-{% ifversion codeql-swift-beta %}- Swift{% endif %}
+* Swift
 {% note %}
 **Notes**:
-{% ifversion codeql-swift-beta %}
-* {% data variables.product.prodname_codeql %} analysis for Swift is currently in beta. During the beta, analysis of Swift will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages. Additionally, Swift 5.8 is not yet supported.{% endif %}
-{% ifversion codeql-kotlin-beta %}
-* {% data variables.product.prodname_codeql %} analysis for Kotlin is currently in beta. During the beta, analysis of Kotlin will be less comprehensive than {% data variables.product.prodname_codeql %} analysis of other languages.
-* Use {% ifversion codeql-language-identifiers-311 %}`java-kotlin`{% else %}`java`{% endif %} to analyze code written in Java, Kotlin or both.{% endif %}
+* Use {% ifversion codeql-language-identifiers-311 %}`java-kotlin`{% else %}`java`{% endif %} to analyze code written in Java, Kotlin or both.
 * Use {% ifversion codeql-language-identifiers-311 %}`javascript-typescript`{% else %}`javascript`{% endif %} to analyze code written in JavaScript, TypeScript or both.
 {% endnote %}
diff --git a/data/reusables/code-scanning/codeql-languages-keywords.md b/data/reusables/code-scanning/codeql-languages-keywords.md
index 9d9e0975b7e4..f48194a2a506 100644
--- a/data/reusables/code-scanning/codeql-languages-keywords.md
+++ b/data/reusables/code-scanning/codeql-languages-keywords.md
@@ -1 +1 @@
-{% ifversion codeql-language-identifiers-311 %}`c-cpp`, `csharp`, `go`, `java-kotlin`, `javascript-typescript`, `python`, {% ifversion codeql-swift-beta %}`ruby`, and `swift`{% else %}and `ruby`{% endif %}{% else %}`cpp`, `csharp`, `go`, `java`, `javascript`, `python`, {% ifversion codeql-swift-beta %}`ruby`, and `swift`{% else %}and `ruby`{% endif %}{% endif %}
+{% ifversion codeql-language-identifiers-311 %}`c-cpp`, `csharp`, `go`, `java-kotlin`, `javascript-typescript`, `python`, `ruby`, and `swift`{% else %}`cpp`, `csharp`, `go`, `java`, `javascript`, `python`, `ruby`, and `swift`{% endif %}
diff --git a/data/variables/code-scanning.yml b/data/variables/code-scanning.yml
index 386a8991ac16..edad4694ffe6 100644
--- a/data/variables/code-scanning.yml
+++ b/data/variables/code-scanning.yml
@@ -10,7 +10,7 @@ tool_status_page: 'tool status page'
 no_build_support: 'Java{% ifversion codeql-no-build-csharp %} and C#{% endif %}'
 # List of compiled languages
-compiled_languages: 'C/C++, C#, {% ifversion codeql-go-autobuild %} Go,{% endif %} {% ifversion codeql-swift-beta %} Java, and Swift{% else %} and Java{% endif %}'
+compiled_languages: 'C/C++, C#, {% ifversion codeql-go-autobuild %} Go,{% endif %} Java, and Swift'
 # List of languages where the libraries support expansion using CodeQL model packs at the repository level.
 codeql_model_packs_support: '{% ifversion fpt or ghec or ghes > 3.12 %}C#, Java/Kotlin, and Ruby{% elsif ghes > 3.10 %}Java/Kotlin{% endif %}'
From e0ee8bd49070f84d2ecc2cf62762feb89d32e644 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 25 Jul 2024 10:57:17 -0700
Subject: [PATCH 07/11] Bump docker/build-push-action from 6.3.0 to 6.5.0 (#51782)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/azure-preview-env-deploy-public.yml | 2 +-
 .github/workflows/azure-preview-env-deploy.yml | 2 +-
 .github/workflows/azure-prod-build-deploy.yml | 2 +-
 .github/workflows/azure-staging-build-deploy.yml | 2 +-
 .github/workflows/main-preview-docker-cache.yml | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/azure-preview-env-deploy-public.yml b/.github/workflows/azure-preview-env-deploy-public.yml
index 020550d37a47..0c977f53cfe6 100644
--- a/.github/workflows/azure-preview-env-deploy-public.yml
+++ b/.github/workflows/azure-preview-env-deploy-public.yml
@@ -112,7 +112,7 @@ jobs:
 run: src/workflows/prune-for-preview-env.sh
 - name: 'Build and push image'
- uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
 with:
 context: .
 push: true
diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml
index fd6fd2a9181d..91929613ea95 100644
--- a/.github/workflows/azure-preview-env-deploy.yml
+++ b/.github/workflows/azure-preview-env-deploy.yml
@@ -171,7 +171,7 @@ jobs:
 run: src/workflows/prune-for-preview-env.sh
 - name: 'Build and push image'
- uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
 with:
 context: .
 push: true
diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml
index bd1cc03963ac..b5cabc9afe6c 100644
--- a/.github/workflows/azure-prod-build-deploy.yml
+++ b/.github/workflows/azure-prod-build-deploy.yml
@@ -92,7 +92,7 @@ jobs:
 token: ${{ secrets.DOCS_BOT_PAT_READPUBLICKEY }}
 - name: 'Build and push image'
- uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
 with:
 context: .
 push: true
diff --git a/.github/workflows/azure-staging-build-deploy.yml b/.github/workflows/azure-staging-build-deploy.yml
index 1506b74f9498..d92dad5ffe78 100644
--- a/.github/workflows/azure-staging-build-deploy.yml
+++ b/.github/workflows/azure-staging-build-deploy.yml
@@ -91,7 +91,7 @@ jobs:
 run: src/early-access/scripts/merge-early-access.sh
 - name: 'Build and push image'
- uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
 with:
 context: .
 push: true
diff --git a/.github/workflows/main-preview-docker-cache.yml b/.github/workflows/main-preview-docker-cache.yml
index 01c8a64cfc0d..2c849dc0577d 100644
--- a/.github/workflows/main-preview-docker-cache.yml
+++ b/.github/workflows/main-preview-docker-cache.yml
@@ -68,7 +68,7 @@ jobs:
 run: src/workflows/prune-for-preview-env.sh
 - name: 'Build and push image'
- uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445
 with:
 context: .
 push: true
From 2844807aecadb6b9f7f808e0c53502f91badf34a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 25 Jul 2024 10:57:58 -0700
Subject: [PATCH 08/11] Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 (#51781)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/azure-preview-env-deploy-public.yml | 2 +-
 .github/workflows/azure-preview-env-deploy.yml | 2 +-
 .github/workflows/azure-prod-build-deploy.yml | 2 +-
 .github/workflows/azure-staging-build-deploy.yml | 2 +-
 .github/workflows/main-preview-docker-cache.yml | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/azure-preview-env-deploy-public.yml b/.github/workflows/azure-preview-env-deploy-public.yml
index 0c977f53cfe6..16320d0cddaa 100644
--- a/.github/workflows/azure-preview-env-deploy-public.yml
+++ b/.github/workflows/azure-preview-env-deploy-public.yml
@@ -66,7 +66,7 @@ jobs:
 password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27
 - name: Check out main branch
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml
index 91929613ea95..f89a48ecae48 100644
--- a/.github/workflows/azure-preview-env-deploy.yml
+++ b/.github/workflows/azure-preview-env-deploy.yml
@@ -79,7 +79,7 @@ jobs:
 password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27
 - name: Check out PR code
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml
index b5cabc9afe6c..c6e0539d3419 100644
--- a/.github/workflows/azure-prod-build-deploy.yml
+++ b/.github/workflows/azure-prod-build-deploy.yml
@@ -49,7 +49,7 @@ jobs:
 password: ${{ secrets.PROD_REGISTRY_PASSWORD }}
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27
 - name: Check out repo
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
diff --git a/.github/workflows/azure-staging-build-deploy.yml b/.github/workflows/azure-staging-build-deploy.yml
index d92dad5ffe78..33d9ed119c88 100644
--- a/.github/workflows/azure-staging-build-deploy.yml
+++ b/.github/workflows/azure-staging-build-deploy.yml
@@ -57,7 +57,7 @@ jobs:
 password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27
 - name: Check out repo
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
diff --git a/.github/workflows/main-preview-docker-cache.yml b/.github/workflows/main-preview-docker-cache.yml
index 2c849dc0577d..daa8fb7f3ec7 100644
--- a/.github/workflows/main-preview-docker-cache.yml
+++ b/.github/workflows/main-preview-docker-cache.yml
@@ -42,7 +42,7 @@ jobs:
 password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }}
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27
 - name: Check out repo
 uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
From 70e8340723aefcf3e2d0908f71bd824c269e6167 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 25 Jul 2024 18:02:09 +0000
Subject: [PATCH 09/11] Bump express-rate-limit from 7.3.0 to 7.4.0 (#51768)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1b2008de2659..4334a2a4eb6d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -35,7 +35,7 @@ "dotenv": "^16.4.5", "escape-string-regexp": "5.0.0", "express": "4.19.2", - "express-rate-limit": "7.3.0", + "express-rate-limit": "7.4.0", "fastest-levenshtein": "1.0.16", "file-type": "19.1.0", "flat": "^6.0.1", @@ -6601,9 +6601,9 @@ } }, "node_modules/express-rate-limit": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.3.0.tgz", - "integrity": "sha512-ZPfWlcQQ1PsZonB/vqksOsBQV74z5osi/QcdoBCyKJXl/wOVjS1yRDmvkpMM52KJeLbiF2+djwVEnEgVCDdvtw==", + "version": "7.4.0", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.4.0.tgz", + "integrity": "sha512-v1204w3cXu5gCDmAvgvzI6qjzZzoMWKnyVDk3ACgfswTQLYiGen+r8w0VnXnGMmzEN/g8fwIQ4JrFFd4ZP6ssg==", "engines": { "node": ">= 16" }, diff --git a/package.json b/package.json index 95548ae3e8a5..e8f0a938fe93 100644 --- a/package.json +++ b/package.json @@ -251,7 +251,7 @@ "dotenv": "^16.4.5", "escape-string-regexp": "5.0.0", "express": "4.19.2", - "express-rate-limit": "7.3.0", + "express-rate-limit": "7.4.0", "fastest-levenshtein": "1.0.16", "file-type": "19.1.0", "flat": "^6.0.1", From 38d62daa2da9c21bf23e76ee74b8f14772573582 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jul 2024 11:13:01 -0700 Subject: [PATCH 10/11] Bump glob from 10.4.1 to 11.0.0 (#51766) 
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 146 +++++++++++++--------------------------------- package.json | 2 +- 2 files changed, 41 insertions(+), 107 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4334a2a4eb6d..4a98e3bc08ff 100644 --- a/package-lock.json +++ b/package-lock.json @@ -40,7 +40,7 @@ "file-type": "19.1.0", "flat": "^6.0.1", "github-slugger": "^2.0.0", - "glob": "10.4.1", + "glob": "11.0.0", "got": "^13.0.0", "gray-matter": "^4.0.3", "hast-util-from-parse5": "^8.0.1", @@ -7170,21 +7170,22 @@ "license": "ISC" }, "node_modules/glob": { - "version": "10.4.1", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.1.tgz", - "integrity": "sha512-2jelhlq3E4ho74ZyVLN03oKdAZVUa6UDZzFLVH1H7dnoax+y9qyaq8zBkfDIggjniU19z0wU18y16jMB2eyVIw==", + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.0.tgz", + "integrity": "sha512-9UiX/Bl6J2yaBbxKoEBRm4Cipxgok8kQYcOPEhScPwebu2I0HoQOuYdIO6S3hLuWoZgpDpwQZMzTFxgpkyT76g==", "dependencies": { "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", + "jackspeak": "^4.0.1", + "minimatch": "^10.0.0", "minipass": "^7.1.2", - "path-scurry": "^1.11.1" + "package-json-from-dist": "^1.0.0", + "path-scurry": "^2.0.0" }, "bin": { "glob": "dist/esm/bin.mjs" }, "engines": { - "node": ">=16 || 14 >=14.18" + "node": "20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" 
@@ -7201,6 +7202,20 @@ "node": ">= 6" } }, + "node_modules/glob/node_modules/minimatch": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz", + "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==", + "dependencies": { + "brace-expansion": "^2.0.1" + }, + "engines": { + "node": "20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/globals": { "version": "11.12.0", "license": "MIT", @@ -8627,14 +8642,14 @@ } }, "node_modules/jackspeak": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.1.2.tgz", - "integrity": "sha512-kWmLKn2tRtfYMF/BakihVVRzBKOxz4gJMiL2Rj91WnAB5TPZumSH99R/Yf1qE1u4uRimvCSJfm6hnxohXeEXjQ==", + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.0.1.tgz", + "integrity": "sha512-cub8rahkh0Q/bw1+GxP7aeSe29hHHn2V4m29nnDlvCdlgU+3UGxkZp7Z53jLUdpX3jdTO0nJZUDl3xvbWc2Xog==", "dependencies": { "@isaacs/cliui": "^8.0.2" }, "engines": { - "node": ">=14" + "node": "20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" @@ -9311,11 +9326,11 @@ } }, "node_modules/lru-cache": { - "version": "10.2.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.2.2.tgz", - "integrity": "sha512-9hp3Vp2/hFQUiIwKo8XCeFVnrg8Pk3TYNPIR7tJADKi5YfcF7vEaK7avFHTlSy3kOKYaJQaalfEo6YuXdceBOQ==", + "version": "11.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.0.0.tgz", + "integrity": "sha512-Qv32eSV1RSCfhY3fpPE2GNZ8jgM9X7rdAfemLWqTUxwiyIC4jJ6Sy0fZ8H+oLWevO6i4/bizg7c8d8i6bxrzbA==", "engines": { - "node": "14 || >=16.14" + "node": "20 || >=22" } }, "node_modules/magic-string": { 
@@ -10463,6 +10478,7 @@ "version": "9.0.4", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.4.tgz", "integrity": "sha512-KqWh+VchfxcMNRAJjj2tnsSJdNbHsVgnkBhTNrW7AjVo6OvLtxw8zfT9oLw1JSohlFzJ8jCoTgaoXvJ+kHt6fw==", + "dev": true, "dependencies": { "brace-expansion": "^2.0.1" }, @@ -11070,8 +11086,7 @@ "node_modules/package-json-from-dist": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz", - "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==", - "dev": true + "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==" }, "node_modules/parent-module": { "version": "1.0.1", @@ -11152,15 +11167,15 @@ "license": "MIT" }, "node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz", + "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==", "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" + "lru-cache": "^11.0.0", + "minipass": "^7.1.2" }, "engines": { - "node": ">=16 || 14 >=14.18" + "node": "20 || >=22" }, "funding": { "url": "https://github.com/sponsors/isaacs" @@ -12693,7 +12708,7 @@ "integrity": "sha512-u+yqhM92LW+89cxUQK0SRyvXYQmyuKHx0jkx4W7KfwLGLqJnQM5031Uv1trE4gB9XEXBM/s6MxKlfW95IidqaA==", "dev": true, "dependencies": { - "glob": "^11.0.0" + "glob": "11.0.0" }, "bin": { "rimraf": "dist/esm/bin.mjs" 
@@ -12705,87 +12720,6 @@ "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/rimraf/node_modules/glob": { - "version": "11.0.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.0.tgz", - "integrity": "sha512-9UiX/Bl6J2yaBbxKoEBRm4Cipxgok8kQYcOPEhScPwebu2I0HoQOuYdIO6S3hLuWoZgpDpwQZMzTFxgpkyT76g==", - "dev": true, - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^4.0.1", - "minimatch": "^10.0.0", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^2.0.0" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "engines": { - "node": "20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/rimraf/node_modules/jackspeak": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.0.1.tgz", - "integrity": "sha512-cub8rahkh0Q/bw1+GxP7aeSe29hHHn2V4m29nnDlvCdlgU+3UGxkZp7Z53jLUdpX3jdTO0nJZUDl3xvbWc2Xog==", - "dev": true, - "dependencies": { - "@isaacs/cliui": "^8.0.2" - }, - "engines": { - "node": "20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/rimraf/node_modules/lru-cache": { - "version": "11.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.0.0.tgz", - "integrity": "sha512-Qv32eSV1RSCfhY3fpPE2GNZ8jgM9X7rdAfemLWqTUxwiyIC4jJ6Sy0fZ8H+oLWevO6i4/bizg7c8d8i6bxrzbA==", - "dev": true, - "engines": { - "node": "20 || >=22" - } - }, - "node_modules/rimraf/node_modules/minimatch": { - "version": "10.0.1", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz", - "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": "20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - 
"node_modules/rimraf/node_modules/path-scurry": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-2.0.0.tgz", - "integrity": "sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==", - "dev": true, - "dependencies": { - "lru-cache": "^11.0.0", - "minipass": "^7.1.2" - }, - "engines": { - "node": "20 || >=22" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/robots-parser": { "version": "3.0.0", "dev": true, diff --git a/package.json b/package.json index e8f0a938fe93..1336b0cf242f 100644 --- a/package.json +++ b/package.json @@ -256,7 +256,7 @@ "file-type": "19.1.0", "flat": "^6.0.1", "github-slugger": "^2.0.0", - "glob": "10.4.1", + "glob": "11.0.0", "got": "^13.0.0", "gray-matter": "^4.0.3", "hast-util-from-parse5": "^8.0.1", From 23d285f4603f84cebd0e2a661ef3135934fdc294 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jul 2024 11:15:18 -0700 Subject: [PATCH 11/11] Bump eslint-plugin-primer-react from 5.3.0 to 5.4.0 (#51767) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Evan Bonsignori --- package-lock.json | 8 ++++---- package.json | 2 +- src/rest/components/RestCodeSamples.tsx | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4a98e3bc08ff..c51d3522a717 100644 --- a/package-lock.json +++ b/package-lock.json @@ -137,7 +137,7 @@ "eslint-plugin-github": "^5.0.1", "eslint-plugin-import": "^2.29.1", "eslint-plugin-jsx-a11y": "^6.9.0", - "eslint-plugin-primer-react": "^5.3.0", + "eslint-plugin-primer-react": "^5.4.0", "event-to-promise": "^0.8.0", "graphql": "^16.9.0", "http-status-code": "^2.1.0", 
@@ -6205,9 +6205,9 @@ } }, "node_modules/eslint-plugin-primer-react": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-primer-react/-/eslint-plugin-primer-react-5.3.0.tgz", - "integrity": "sha512-Nw9pAZww4ZPgzffrvexbNytOkoyKm4RLOmrPio5VEZ5BIFNy+uLyiBE5WGRuig4a0KbbjjOM5haLCvC43daAvw==", + "version": "5.4.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-primer-react/-/eslint-plugin-primer-react-5.4.0.tgz", + "integrity": "sha512-t3F8RGOG+88SOZTjC5+ZBDhLIJitlRN4qkdRmwDuaL5mkxIA4LzyhLf4KfM595NwDan8mj37Fjbt3Nj04PxUDQ==", "dev": true, "dependencies": { "@styled-system/props": "^5.1.5",
diff --git a/package.json b/package.json
index 1336b0cf242f..6766cd08355b 100644
--- a/package.json
+++ b/package.json
@@ -353,7 +353,7 @@
 "eslint-plugin-github": "^5.0.1",
 "eslint-plugin-import": "^2.29.1",
 "eslint-plugin-jsx-a11y": "^6.9.0",
- "eslint-plugin-primer-react": "^5.3.0",
+ "eslint-plugin-primer-react": "^5.4.0",
 "event-to-promise": "^0.8.0",
 "graphql": "^16.9.0",
 "http-status-code": "^2.1.0",
diff --git a/src/rest/components/RestCodeSamples.tsx b/src/rest/components/RestCodeSamples.tsx
index 9162e6a7f013..ede5cc4d152e 100644
--- a/src/rest/components/RestCodeSamples.tsx
+++ b/src/rest/components/RestCodeSamples.tsx
@@ -1,5 +1,6 @@
 import { useState, useEffect, useRef, FormEvent } from 'react'
-import { FormControl, Select, Tooltip, TabNav } from '@primer/react'
+import { FormControl, Select, TabNav } from '@primer/react'
+import { Tooltip } from '@primer/react/next'
 import { CheckIcon, CopyIcon } from '@primer/octicons-react'
 import Cookies from 'src/frame/components/lib/cookies'
 import cx from 'classnames'
@@ -283,7 +284,7 @@ export function RestCodeSamples({ operation, slug, heading }: Props) {
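Review bot: The added `import { Tooltip } from '@primer/react/next'` swaps in a different Tooltip implementation than the `@primer/react` export it replaces, and it does so inside a commit whose subject only announces a lint-plugin bump, so the reason for the component change is not recorded anywhere in the source. The companion edit to `RestCodeSamples` at line 283 starts a hunk whose body lies outside this chunk, so whether the call site was adapted to the new component's props cannot be confirmed here. A one-line comment on the new import would keep the motivation discoverable for the next person who sees two Tooltips in the dependency tree, e.g. `// Tooltip deliberately comes from @primer/react/next rather than @primer/react (reason: <fill in>)`, with the reason — presumably a rule in the bumped eslint-plugin-primer-react, which should be confirmed — filled in.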