hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-19 05:54:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add change note

Browse Source
This commit is contained in:
Chris Smowton
2022-10-28 15:47:04 +01:00
parent 5c66d87ed6
commit 6d321e0151
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
go/ql/src/change-notes/2022-10-28-protobuf-cleartext-logging.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Query `go/clear-text-logging` now excludes `GetX` methods of protobuf `Message` structs, except where taint is specifically known to belong to the right field. This is to avoid FPs where taint is written to one field and then spuriously read from another.