mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
Release preparation for version 2.7.3
@@ -1,7 +1,7 @@
|
|||||||
---
|
## 0.0.4
|
||||||
category: feature
|
|
||||||
tags: [lgtm,codescanning]
|
### New Features
|
||||||
---
|
|
||||||
* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
|
* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
|
||||||
`isFromSystemMacroDefinition` for identifying code that originates from a
|
`isFromSystemMacroDefinition` for identifying code that originates from a
|
||||||
macro outside the project being analyzed.
|
macro outside the project being analyzed.
|
||||||
7
cpp/ql/lib/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### New Features
|
||||||
|
|
||||||
|
* The QL library `semmle.code.cpp.commons.Exclusions` now contains a predicate
|
||||||
|
`isFromSystemMacroDefinition` for identifying code that originates from a
|
||||||
|
macro outside the project being analyzed.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-all
|
name: codeql/cpp-all
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: cpp
|
groups: cpp
|
||||||
dbscheme: semmlecode.cpp.dbscheme
|
dbscheme: semmlecode.cpp.dbscheme
|
||||||
extractor: cpp
|
extractor: cpp
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
---
|
## 0.0.4
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm,codescanning]
|
### New Queries
|
||||||
---
|
|
||||||
* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
|
* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
|
||||||
5
cpp/ql/src/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### New Queries
|
||||||
|
|
||||||
|
* A new query `cpp/non-https-url` has been added for C/C++. The query flags uses of `http` URLs that might be better replaced with `https`.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-queries
|
name: codeql/cpp-queries
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: cpp
|
groups: cpp
|
||||||
dependencies:
|
dependencies:
|
||||||
codeql/cpp-all: "*"
|
codeql/cpp-all: "*"
|
||||||
|
|||||||
1
cpp/upgrades/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
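Review bot: the added `## 0.0.4` heading has no body, so a reader of this changelog cannot tell whether the release is intentionally empty or whether its notes were lost during release preparation. Add a line under the heading such as "No user-facing changes." The same applies to the other heading-only CHANGELOG.md and change-notes/released files added in this commit.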
1
cpp/upgrades/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/cpp-upgrades
|
name: codeql/cpp-upgrades
|
||||||
groups: cpp
|
groups: cpp
|
||||||
upgrades: .
|
upgrades: .
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
library: true
|
library: true
|
||||||
|
|||||||
1
csharp/ql/lib/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
csharp/ql/lib/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-all
|
name: codeql/csharp-all
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: csharp
|
groups: csharp
|
||||||
dbscheme: semmlecode.csharp.dbscheme
|
dbscheme: semmlecode.csharp.dbscheme
|
||||||
extractor: csharp
|
extractor: csharp
|
||||||
|
|||||||
1
csharp/ql/src/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
csharp/ql/src/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-queries
|
name: codeql/csharp-queries
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: csharp
|
groups: csharp
|
||||||
suites: codeql-suites
|
suites: codeql-suites
|
||||||
extractor: csharp
|
extractor: csharp
|
||||||
|
|||||||
1
csharp/upgrades/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
csharp/upgrades/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/csharp-upgrades
|
name: codeql/csharp-upgrades
|
||||||
groups: csharp
|
groups: csharp
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
upgrades: .
|
upgrades: .
|
||||||
library: true
|
library: true
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
---
|
## 0.0.4
|
||||||
category: fix
|
|
||||||
tags: [lgtm,codescanning]
|
### Bug Fixes
|
||||||
---
|
|
||||||
* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
|
* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
|
||||||
* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
|
* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
|
||||||
|
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
|
||||||
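Review bot: the third Bug Fixes bullet, on `Method.overrides(Method)`, records a semantic change that can silently alter the results of custom queries that relied on the old transitive behaviour, and the entry gives callers no migration hint. State that queries needing the transitive relation should now take the closure explicitly (for example `overrides+`), and consider listing the change under a heading that signals changed behaviour rather than only "Bug Fixes", since `overridesOrInstantiates` and `getASourceOverriddenMethod` change with it.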
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: fix
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
|
|
||||||
7
java/ql/lib/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* `CharacterLiteral`'s `getCodePointValue` predicate now returns the correct value for UTF-16 surrogates.
|
||||||
|
* The `RangeAnalysis` module and the `java/constant-comparison` queries no longer raise false alerts regarding comparisons with Unicode surrogate character literals.
|
||||||
|
* The predicate `Method.overrides(Method)` was accidentally transitive. This has been fixed. This fix also affects `Method.overridesOrInstantiates(Method)` and `Method.getASourceOverriddenMethod()`.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-all
|
name: codeql/java-all
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: java
|
groups: java
|
||||||
dbscheme: config/semmlecode.dbscheme
|
dbscheme: config/semmlecode.dbscheme
|
||||||
extractor: java
|
extractor: java
|
||||||
|
|||||||
1
java/ql/src/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
java/ql/src/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/java-queries
|
name: codeql/java-queries
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: java
|
groups: java
|
||||||
suites: codeql-suites
|
suites: codeql-suites
|
||||||
extractor: java
|
extractor: java
|
||||||
|
|||||||
1
java/upgrades/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
java/upgrades/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -2,4 +2,4 @@ name: codeql/java-upgrades
|
|||||||
groups: java
|
groups: java
|
||||||
upgrades: .
|
upgrades: .
|
||||||
library: true
|
library: true
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
|
|||||||
1
javascript/ql/lib/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.5
|
||||||
1
javascript/ql/lib/change-notes/released/0.0.5.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.5
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.4
|
lastReleaseVersion: 0.0.5
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-all
|
name: codeql/javascript-all
|
||||||
version: 0.0.4
|
version: 0.0.5
|
||||||
groups: javascript
|
groups: javascript
|
||||||
dbscheme: semmlecode.javascript.dbscheme
|
dbscheme: semmlecode.javascript.dbscheme
|
||||||
extractor: javascript
|
extractor: javascript
|
||||||
|
|||||||
7
javascript/ql/src/CHANGELOG.md
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
## 0.0.5
|
||||||
|
|
||||||
|
### New Queries
|
||||||
|
|
||||||
|
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
|
||||||
|
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
|
||||||
|
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
|
|
||||||
7
javascript/ql/src/change-notes/released/0.0.5.md
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
## 0.0.5
|
||||||
|
|
||||||
|
### New Queries
|
||||||
|
|
||||||
|
* The `js/sensitive-get-query` query has been added. It highlights GET requests that read sensitive information from the query string.
|
||||||
|
* The `js/insufficient-key-size` query has been added. It highlights the creation of cryptographic keys with a short key size.
|
||||||
|
* The `js/session-fixation` query has been added. It highlights servers that reuse a session after a user has logged in.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.4
|
lastReleaseVersion: 0.0.5
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/javascript-queries
|
name: codeql/javascript-queries
|
||||||
version: 0.0.4
|
version: 0.0.5
|
||||||
groups: javascript
|
groups: javascript
|
||||||
suites: codeql-suites
|
suites: codeql-suites
|
||||||
extractor: javascript
|
extractor: javascript
|
||||||
|
|||||||
1
javascript/upgrades/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.5
|
||||||
1
javascript/upgrades/change-notes/released/0.0.5.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.5
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.4
|
lastReleaseVersion: 0.0.5
|
||||||
|
|||||||
@@ -2,4 +2,4 @@ name: codeql/javascript-upgrades
|
|||||||
groups: javascript
|
groups: javascript
|
||||||
upgrades: .
|
upgrades: .
|
||||||
library: true
|
library: true
|
||||||
version: 0.0.4
|
version: 0.0.5
|
||||||
|
|||||||
10
python/ql/lib/CHANGELOG.md
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### Major Analysis Improvements
|
||||||
|
|
||||||
|
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
||||||
|
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
||||||
|
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
|
||||||
|
* Added modeling of `aiopg` for sinks executing SQL.
|
||||||
|
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
|
||||||
|
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of `aiopg` for sinks executing SQL.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: majorAnalysis
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
|
||||||
10
python/ql/lib/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### Major Analysis Improvements
|
||||||
|
|
||||||
|
* Added modeling of `os.stat`, `os.lstat`, `os.statvfs`, `os.fstat`, and `os.fstatvfs`, which are new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
||||||
|
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
|
||||||
|
* Added modeling of `wsgiref.simple_server` applications, leading to new remote flow sources.
|
||||||
|
* Added modeling of `aiopg` for sinks executing SQL.
|
||||||
|
* Added modeling of HTTP requests and responses when using `flask_admin` (`Flask-Admin` PyPI package), which leads to additional remote flow sources.
|
||||||
|
* Added modeling of the PyPI package `toml`, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-all
|
name: codeql/python-all
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: python
|
groups: python
|
||||||
dbscheme: semmlecode.python.dbscheme
|
dbscheme: semmlecode.python.dbscheme
|
||||||
extractor: python
|
extractor: python
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
---
|
## 0.0.4
|
||||||
category: queryMetadata
|
|
||||||
tags: [lgtm,codescanning]
|
### Query Metadata Changes
|
||||||
---
|
|
||||||
* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
|
* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
|
||||||
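Review bot: the Query Metadata Changes bullet renames two query ids from the `python/` prefix to `py/` but does not say that anything keyed on the old ids stops matching. Query suite filters, alert suppressions and stored results that refer to `python/count-untrusted-data-external-api` or `python/untrusted-data-to-external-api` need updating, so add a sentence telling users to switch those references to the new ids.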
5
python/ql/src/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### Query Metadata Changes
|
||||||
|
|
||||||
|
* Fixed the query ids of two queries that are meant for manual exploration: `python/count-untrusted-data-external-api` and `python/untrusted-data-to-external-api` have been changed to `py/count-untrusted-data-external-api` and `py/untrusted-data-to-external-api`.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/python-queries
|
name: codeql/python-queries
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: python
|
groups: python
|
||||||
dependencies:
|
dependencies:
|
||||||
codeql/python-all: "*"
|
codeql/python-all: "*"
|
||||||
|
|||||||
1
python/upgrades/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
python/upgrades/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -2,4 +2,4 @@ name: codeql/python-upgrades
|
|||||||
groups: python
|
groups: python
|
||||||
upgrades: .
|
upgrades: .
|
||||||
library: true
|
library: true
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
|
|||||||
1
ruby/ql/lib/CHANGELOG.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
1
ruby/ql/lib/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1 @@
|
|||||||
|
## 0.0.4
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-all
|
name: codeql/ruby-all
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: ruby
|
groups: ruby
|
||||||
extractor: ruby
|
extractor: ruby
|
||||||
dbscheme: ruby.dbscheme
|
dbscheme: ruby.dbscheme
|
||||||
|
|||||||
10
ruby/ql/src/CHANGELOG.md
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### New Queries
|
||||||
|
|
||||||
|
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
|
||||||
|
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
|
||||||
|
|
||||||
|
### Query Metadata Changes
|
||||||
|
|
||||||
|
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
|
||||||
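Review bot: the `rb/csrf-protection-disabled` bullet under New Queries misspells "explicitly" as "explictly" and says "cross-site forgery protection" where "cross-site request forgery protection" is meant. The text was copied unchanged from the deleted change note, so fix it here and in `ruby/ql/src/change-notes/released/0.0.4.md` before the release notes are published.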
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: queryMetadata
|
|
||||||
tags: [lgtm, codescanning]
|
|
||||||
---
|
|
||||||
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
|
|
||||||
@@ -1,5 +0,0 @@
|
|||||||
---
|
|
||||||
category: newQuery
|
|
||||||
tags: [lgtm,codescanning]
|
|
||||||
---
|
|
||||||
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
|
|
||||||
10
ruby/ql/src/change-notes/released/0.0.4.md
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
## 0.0.4
|
||||||
|
|
||||||
|
### New Queries
|
||||||
|
|
||||||
|
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.
|
||||||
|
* A new query (`rb/csrf-protection-disabled`) has been added. The query finds cases where cross-site forgery protection is explictly disabled.
|
||||||
|
|
||||||
|
### Query Metadata Changes
|
||||||
|
|
||||||
|
* The precision of "Hard-coded credentials" (`rb/hardcoded-credentials`) has been decreased from "high" to "medium". This query will no longer be run and displayed by default on Code Scanning and LGTM.
|
||||||
@@ -1,2 +1,2 @@
|
|||||||
---
|
---
|
||||||
lastReleaseVersion: 0.0.3
|
lastReleaseVersion: 0.0.4
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
name: codeql/ruby-queries
|
name: codeql/ruby-queries
|
||||||
version: 0.0.3
|
version: 0.0.4
|
||||||
groups: ruby
|
groups: ruby
|
||||||
suites: codeql-suites
|
suites: codeql-suites
|
||||||
defaultSuiteFile: codeql-suites/ruby-code-scanning.qls
|
defaultSuiteFile: codeql-suites/ruby-code-scanning.qls
|
||||||
|
|||||||