Release preparation for version 2.21.0

github-actions[bot]
2025-03-31 17:35:15 +00:00
parent c89c403e0e
commit 84f6564cc0
203 changed files with 562 additions and 309 deletions

@@ -1,4 +0,0 @@
---
category: majorAnalysis
---
* Added support for TypeScript 5.8.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `react-relay` library.

@@ -1,7 +0,0 @@
---
category: feature
---
* Extraction now supports regular expressions with the `v` flag, using the new operators:
- Intersection `&&`
- Subtraction `--`
- `\q` quoted string

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Improved the modeling of the `markdown-table` package to ensure it handles nested arrays properly.

@@ -1,5 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `@tanstack/angular-query-experimental` package.
* Improved support for the `@angular/common/http` package, detecting outgoing HTTP requests in more cases.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `@tanstack/vue-query` package.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added taint-steps for `unescape()`.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added additional flow step for `unescape()` and `escape()`.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `underscore.string` package.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `ApolloServer` class from `@apollo/server` and similar packages. In particular, the incoming data in a GraphQL resolver is now seen as a source of untrusted user input.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Improved support for `superagent` to handle the case where the package is directly called as a function, or via the `.del()` or `.agent()` method.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Enhanced `axios` support with new methods (`postForm`, `putForm`, `patchForm`, `getUri`, `create`) and added support for `interceptors.request` and `interceptors.response`.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Improved support for `got` package with `Options`, `paginate()` and `extend()`

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the newer version of `Hapi` with the `@hapi/hapi` import and `server` function.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Improved modeling of the `node:fs` module: `await`-ed calls to `read` and `readFile` are now supported.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for the `@sap/hana-client`, `@sap/hdbext` and `hdb` packages.

@@ -1,4 +0,0 @@
---
category: minorAnalysis
---
* Added support for additional `fs-extra` methods as sinks in path-injection queries.

@@ -0,0 +1,31 @@
## 2.6.0
### New Features
* Extraction now supports regular expressions with the `v` flag, using the new operators:
- Intersection `&&`
- Subtraction `--`
- `\q` quoted string
### Major Analysis Improvements
* Added support for TypeScript 5.8.
### Minor Analysis Improvements
* Added support for additional `fs-extra` methods as sinks in path-injection queries.
* Added support for the newer version of `Hapi` with the `@hapi/hapi` import and `server` function.
* Improved modeling of the `node:fs` module: `await`-ed calls to `read` and `readFile` are now supported.
* Added support for the `@sap/hana-client`, `@sap/hdbext` and `hdb` packages.
* Enhanced `axios` support with new methods (`postForm`, `putForm`, `patchForm`, `getUri`, `create`) and added support for `interceptors.request` and `interceptors.response`.
* Improved support for `got` package with `Options`, `paginate()` and `extend()`
* Added support for the `ApolloServer` class from `@apollo/server` and similar packages. In particular, the incoming data in a GraphQL resolver is now seen as a source of untrusted user input.
* Improved support for `superagent` to handle the case where the package is directly called as a function, or via the `.del()` or `.agent()` method.
* Added support for the `underscore.string` package.
* Added additional flow step for `unescape()` and `escape()`.
* Added support for the `@tanstack/vue-query` package.
* Added taint-steps for `unescape()`.
* Added support for the `@tanstack/angular-query-experimental` package.
* Improved support for the `@angular/common/http` package, detecting outgoing HTTP requests in more cases.
* Improved the modeling of the `markdown-table` package to ensure it handles nested arrays properly.
* Added support for the `react-relay` library.
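
Review bot: The entries "Added additional flow step for `unescape()` and `escape()`." and "Added taint-steps for `unescape()`." in the Minor Analysis Improvements list of the new 2.6.0 section describe overlapping changes to the same function, and a reader cannot tell what one adds over the other; consider merging them into a single entry that names both functions. In the same list, the `got` entry is the only one without a terminal period and would read better as "the `got` package". The `fs-extra` entry says "additional" methods without naming them, unlike the `axios` entry, so users cannot tell which calls are newly treated as path-injection sinks; listing the method names would fix that.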