hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.24.0

Browse Source
This commit is contained in:
github-actions[bot]
2026-01-19 14:49:14 +00:00
parent bedb80346a
commit 4142b9c4ce
218 changed files with 587 additions and 316 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/lib/CHANGELOG.md
View File

@@ -1,3 +1,13 @@
## 7.8.4
### Minor Analysis Improvements
* When a code-scanning configuration specifies the `paths:` and/or `paths-ignore:` settings, these are now taken into account by the Java extractor's search for XML and properties files.
* Additional remote flow sources from the `org.springframework.web.socket` package have been modeled.
* A sanitizer has been added to `java/ssrf` to remove alerts when a regular expression check is used to verify that the value is safe.
* URI template variables of all Spring `RestTemplate` methods are now considered as request forgery sinks. Previously only the `getForObject` method was considered. This may lead to more alerts for the query `java/ssrf`.
* Added more dataflow models of `org.apache.commons.fileupload.FileItem`, `javax/jakarta.servlet.http.Part` and `org.apache.commons.fileupload.util.Streams`.
## 7.8.3
No user-facing changes.