hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.12.0

Browse Source
This commit is contained in:
github-actions[bot]
2023-01-05 16:32:14 +00:00
parent f58ec799dd
commit b6a8193785
163 changed files with 521 additions and 377 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/change-notes/released/0.6.0.md Normal file
View File

@@ -0,0 +1,7 @@
## 0.6.0
### Minor Analysis Improvements
* The `analysis/AlertSuppression.ql` query has moved to the root folder. Users that refer to this query by path should update their configurations. The query has been updated to support the new `# codeql[query-id]` supression comments. These comments can be used to suppress an alert and must be placed on a blank line before the alert. In addition the legacy `# lgtm` and `# lgtm[query-id]` comments can now also be place on the line before an alert.
* Bumped the minimum keysize we consider secure for elliptic curve cryptography from 224 to 256 bits, following current best practices. This might effect results from the _Use of weak cryptographic key_ (`py/weak-crypto-key`) query.
* Added modeling of `getpass.getpass` as a source of passwords, which will be an additional source for `py/clear-text-logging-sensitive-data`, `py/clear-text-storage-sensitive-data`, and `py/weak-sensitive-data-hashing`.