hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Made changes requested by reviewers - bounded() for range checking, style and better comments

Browse Source
This commit is contained in:
aegilops
2025-11-20 11:46:42 +00:00
parent 528c451007
commit 62ee6d3a33
3 changed files with 35 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/change-notes/2025-11-17-sensitive-logging-new-sanitizers.md
View File

@@ -1,4 +1,4 @@
---
category: minorAnalysis
---
* Calls to `substring` (for Java), `take` (for Kotlin) and similar functions, when called with a fixed length less than or equal to 7, are now treated as sanitizers for the `java/sensitive-log` query.
* Operations that extract only a fixed-length prefix or suffix of a string (for example, `substring` in Java or `take` in Kotlin), when limited to a length of at most 7 characters, are now treated as sanitizers for the `java/sensitive-log` query.