hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.14.0

Browse Source
This commit is contained in:
github-actions[bot]
2023-07-07 08:22:14 +00:00
parent 139585fe5c
commit 6484ee106e
138 changed files with 443 additions and 216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
java/ql/src/CHANGELOG.md
View File

@@ -1,3 +1,14 @@
## 0.7.0
### Minor Analysis Improvements
* New models have been added for `org.apache.commons.lang`.
* The query `java/unsafe-deserialization` has been updated to take into account `SerialKiller`, a library used to prevent deserialization of arbitrary classes.
### Bug Fixes
* The query "Arbitrary file write during archive extraction ("Zip Slip")" (`java/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."
## 0.6.4
No user-facing changes.

4
java/ql/src/change-notes/2023-06-02-unsafe-deserialization-serialkiller.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* The query `java/unsafe-deserialization` has been updated to take into account `SerialKiller`, a library used to prevent deserialization of arbitrary classes.

4
java/ql/src/change-notes/2023-06-16-zipslip-rename.md
View File

@@ -1,4 +0,0 @@
---
category: fix
---
* The query "Arbitrary file write during archive extraction ("Zip Slip")" (`java/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."

4
java/ql/src/change-notes/2023-06-23-apache-commons-lang.md
View File

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* New models have been added for `org.apache.commons.lang`.

10
java/ql/src/change-notes/released/0.7.0.md Normal file
View File

@@ -0,0 +1,10 @@
## 0.7.0
### Minor Analysis Improvements
* New models have been added for `org.apache.commons.lang`.
* The query `java/unsafe-deserialization` has been updated to take into account `SerialKiller`, a library used to prevent deserialization of arbitrary classes.
### Bug Fixes
* The query "Arbitrary file write during archive extraction ("Zip Slip")" (`java/zipslip`) has been renamed to "Arbitrary file access during archive extraction ("Zip Slip")."

2
java/ql/src/codeql-pack.release.yml
View File

@@ -1,2 +1,2 @@
---
lastReleaseVersion: 0.6.4
lastReleaseVersion: 0.7.0

2
java/ql/src/qlpack.yml
View File

@@ -1,5 +1,5 @@
name: codeql/java-queries
version: 0.7.0-dev
version: 0.7.0
groups:
- java
- queries