Merge branch 'main' into atorralba/promote-unsafe-android-webview-fetch

2026-04-27 09:45:15 +02:00 · 2021-07-20 17:30:56 +02:00
parent 1014400a08 5a489a386a
commit 99e66cffa2
2246 changed files with 205894 additions and 30303 deletions
--- a/java/change-notes/2021-04-02-add-spring-validation-errors.md
+++ b/java/change-notes/2021-04-02-add-spring-validation-errors.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added additional taint steps modeling the Spring `validation.Errors` class (`org.springframework.validation.Errors`).
--- a/java/change-notes/2021-05-11-apache-tuples.md
+++ b/java/change-notes/2021-05-11-apache-tuples.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added models for the Apache Commons Lang tuple types (Pair, Triple and their immutable and mutable implementations). This may lead to more results from any query using data-flow analysis where a relevant path uses one of these container types.
--- a/java/change-notes/2021-05-31-add-spring-stringutils.md
+++ b/java/change-notes/2021-05-31-add-spring-stringutils.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added additional taint steps modeling the Spring `util` package (`org.springframework.util`).
--- a/java/change-notes/2021-06-08-spring-http.md
+++ b/java/change-notes/2021-06-08-spring-http.md
@@ -0,0 +1,3 @@
+lgtm,codescanning
+* Additional flow steps in the `org.springframework.http` package of the Spring framework have been modelled. 
+  This may result in additional results for security queries on projects using this framework.
--- a/java/change-notes/2021-06-08-spring-propertyvalues.md
+++ b/java/change-notes/2021-06-08-spring-propertyvalues.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added additional taint steps modeling the Spring classes `PropertyValue`, `PropertyValues` and `MutablePropertyValues`. (`org.springframework.beans.*`).
--- a/java/change-notes/2021-06-18-apache-mutable.md
+++ b/java/change-notes/2021-06-18-apache-mutable.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added models for the Apache Commons Lang Mutable types. This may lead to more results from any query using data-flow analysis where a relevant path uses one of these container types.
--- a/java/change-notes/2021-06-22-util-optional.md
+++ b/java/change-notes/2021-06-22-util-optional.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Models for java.util.Optional added. This may lead to more results whenever a data-flow path involves this type.
--- a/java/change-notes/2021-06-23-generic-type-names.md
+++ b/java/change-notes/2021-06-23-generic-type-names.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Static inner classes and static methods' enclosing and declaring types are now unbound rather than raw types. This means that, for example, Map.Entry's name is now `Map$Entry` not `Map<>$Entry` as before. This may impact custom queries that explicitly named these types.
--- a/java/change-notes/2021-06-24-dataflow-implicit-reads.md
+++ b/java/change-notes/2021-06-24-dataflow-implicit-reads.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The DataFlow libraries have been augmented with support for `Configuration`-specific in-place read steps at, for example, sinks and custom taint steps. This means that it is now possible to specify sinks that accept flow with non-empty access paths.
--- a/java/change-notes/2021-06-25-apache-collections-maputils-keyvalue.md
+++ b/java/change-notes/2021-06-25-apache-collections-maputils-keyvalue.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added models for  the package `keyvalue` and the classes `KeyValue` and `MapUtils` from Apache Commons Collections. This may lead to more results from any query using data-flow analysis where a relevant path uses one of these container types.
--- a/java/change-notes/2021-06-29-javax-json-models.md
+++ b/java/change-notes/2021-06-29-javax-json-models.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added models of `javax.json` classes and methods. This may lead to more results where tracking tainted dataflow across JSON encoding or decoding is needed to diagnose a security or other issue.
--- a/java/change-notes/2021-07-01-spring-collections.md
+++ b/java/change-notes/2021-07-01-spring-collections.md
@@ -0,0 +1,4 @@
+lgtm,codescanning
+* Additional flow steps in the `org.springframework.ui`, and `org.springframework.cache` packages of
+  the Spring framework have been modelled.  This may result in additional results for security
+  queries on projects using this framework.
--- a/java/change-notes/2021-07-01-spring-webmultipart.md
+++ b/java/change-notes/2021-07-01-spring-webmultipart.md
@@ -0,0 +1,4 @@
+lgtm,codescanning
+* Additional flow steps in the `org.springframework.web.multipart` package of the Spring framework
+  have been modelled.  This may result in additional results for security queries on projects using
+  this framework.
--- a/java/change-notes/2021-07-01-url-classloader-reactive-webclient.md
+++ b/java/change-notes/2021-07-01-url-classloader-reactive-webclient.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Added support for two new APIs susceptible to server-side request forgery (SSRF): using a `URLClassLoader`, and using Spring Web Reactive's `WebClient`.
--- a/java/change-notes/2021-07-02-split-queries.md
+++ b/java/change-notes/2021-07-02-split-queries.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* Library `semmle.code.java.security.Random` is split into `RandomQuery`, for use by randomness-related queries, and `RandomValueSource`, for use by libraries wishing to augment the built-in set of random value sources. Any code importing `Random` will need changing to import one or other of these.
--- a/java/change-notes/2021-07-14-spring-jdbc.md
+++ b/java/change-notes/2021-07-14-spring-jdbc.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* SQL-injection vulnerabilities relating to the `org.springframework.jdbc.object` are now recognised.