Merge pull request #479 from smowton/smowton/admin/add-missing-change-notes

Add missing change notes
Chris Smowton
2021-02-16 09:58:29 +00:00
committed by GitHub
2 changed files with 4 additions and 0 deletions

@@ -0,0 +1,2 @@
lgtm,codescanning
* Improved our modeling of Go's builtin `html/template` package to understand that these templates provide context-sensitive escaping of HTML and Javascript special characters. This may reduce false-positives seen by the `go/reflected-xss` query, as well as other queries for which HTML escaping is relevant.
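Review bot: the added note says only that `html/template` templates provide context-sensitive escaping, without stating the limits of that claim. Values converted to the package's typed strings (`template.HTML`, `template.JS` and similar) are not escaped by the package, so one more sentence should say whether the model still treats those flows as unsanitized for `go/reflected-xss`. The phrase "other queries for which HTML escaping is relevant" would be easier to act on with the affected query ids listed. Minor wording: "Javascript" should be "JavaScript", and "false-positives" as a noun takes no hyphen.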

@@ -0,0 +1,2 @@
lgtm,codescanning
* Improved the Go control-flow graph to exclude more edges representing panics due to comparisons when the types of the compared values indicate a panic is impossible (for example, comparing integers cannot panic). This may reduce false-positives or false-negatives for any query for which control-flow is relevant.
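Review bot: the closing sentence of the added note, "This may reduce false-positives or false-negatives for any query for which control-flow is relevant", is too broad for a reader to tell which alerts might change. It does not explain how excluding panic edges could reduce false negatives as well as false positives, and the integer comparison is the only concrete case given. Suggest listing the kinds of compared types now treated as unable to panic and adding one sentence on the expected effect on results. Minor wording: "false-positives", "false-negatives" and "control-flow" are used as nouns here and take no hyphen.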