Merge pull request #20532 from github/coadaflorin/changelog-fixes

Update changelog for CodeQL CLI 2.23.1
Florin Coada
2025-09-26 14:21:21 +01:00
committed by GitHub

@@ -88,7 +88,7 @@ JavaScript/TypeScript
* Data flow is now tracked through the :code:`Promise.try` and :code:`Array.prototype.with` functions.
* Query :code:`js/index-out-of-bounds` no longer produces a false-positive when a strictly-less-than check overrides a previous less-than-or-equal test.
* The query :code:`js/remote-property-injection` now detects property injection vulnerabilities through object enumeration patterns such as :code:`Object.keys()`.
* The query "Permissive CORS configuration" (:code:`js/cors-permissive-configuration`) has been promoted from experimental and is now part of the default security suite.
* The query "Permissive CORS configuration" (:code:`js/cors-permissive-configuration`) has been promoted from experimental and is now part of the default security suite. Thank you to @maikypedia who `submitted the original experimental query <https://github.com/github/codeql/pull/14342>`__!
Python
""""""
@@ -126,7 +126,7 @@ Golang
""""""
* The second argument of the :code:`CreateTemp` function, from the :code:`os` package, is no longer a path-injection sink due to proper sanitization by Go.
* The query "Uncontrolled data used in path expression" (:code:`go/path-injection`) now detects sanitizing a path by adding :code:`os.PathSeparator` or :code:``\`` to the beginning.
* The query "Uncontrolled data used in path expression" (:code:`go/path-injection`) now detects sanitizing a path by adding :code:`os.PathSeparator` or ``\`` to the beginning.
Java/Kotlin
"""""""""""