Merge branch 'main' into post-release-prep/codeql-cli-2.8.0

2026-01-10 05:00:29 +01:00 · 2022-02-09 09:40:33 +01:00
parent b4ab86c020 3206384884
commit 9440a45015
767 changed files with 220815 additions and 38005 deletions
--- a/cpp/ql/src/change-notes/2022-01-22-cleartext-transmission.md
+++ b/cpp/ql/src/change-notes/2022-01-22-cleartext-transmission.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query now finds more results, where a password is stored in a struct field or class member variable.
--- a/cpp/ql/src/change-notes/2022-01-25-cleartext-storage-buffer.md
+++ b/cpp/ql/src/change-notes/2022-01-25-cleartext-storage-buffer.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `cpp/cleartext-storage-buffer` query has been updated to use the `semmle.code.cpp.dataflow.TaintTracking` library.
--- a/cpp/ql/src/change-notes/2022-01-28-cleartext-storage-file.md
+++ b/cpp/ql/src/change-notes/2022-01-28-cleartext-storage-file.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `cpp/cleartext-storage-file` query has been improved, removing false positives where data is written to a standard output stream.
--- a/cpp/ql/src/change-notes/2022-02-22-cleartext-transmission.md
+++ b/cpp/ql/src/change-notes/2022-02-22-cleartext-transmission.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The "Cleartext transmission of sensitive information" (`cpp/cleartext-transmission`) query has been further improved to reduce false positive results, and upgraded from `medium` to `high` precision.