hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Add change note about CFG cast deprecation.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2018-12-12 14:57:50 +00:00
parent be5ac2f2ff
commit 2150af9732
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
change-notes/1.19/analysis-java.md
View File

@@ -26,6 +26,11 @@ to run queries and explore the data flow in results.
## Changes to QL libraries ## Changes to QL libraries
* The class `ControlFlowNode` (and by extension `BasicBlock`) has until now
been directly equatable to `Expr` and `Stmt`. Exploiting these equalities,
for example by using casts, is now deprecated, and the conversions
`Expr.getControlFlowNode()` and `Stmt.getControlFlowNode()` should be used
instead.
* The default set of taint sources in the `FlowSources` library is extended to * The default set of taint sources in the `FlowSources` library is extended to
cover parameters annotated with Spring framework annotations indicating cover parameters annotated with Spring framework annotations indicating
remote user input from servlets. This affects all security queries, which remote user input from servlets. This affects all security queries, which