mirror of
https://github.com/github/codeql.git
synced 2025-12-22 11:46:32 +01:00
Release preparation for version 2.13.4
This commit is contained in:
github-actions[bot]
@@ -1,3 +1,23 @@
|
||||
## 0.6.3
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.1.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Deleted many deprecated predicates and classes with uppercase `XML`, `JSON`, `URL`, `API`, etc. in their names. Use the PascalCased versions instead.
|
||||
* Deleted the deprecated `localTaintStep` predicate from `DataFlow.qll`.
|
||||
* Deleted the deprecated `stringStep`, and `localTaintStep` predicates from `TaintTracking.qll`.
|
||||
* Deleted many modules that started with a lowercase letter. Use the versions that start with an uppercase letter instead.
|
||||
* Deleted the deprecated `HtmlInjectionConfiguration` and `JQueryHtmlOrSelectorInjectionConfiguration` classes from `DomBasedXssQuery.qll`, use `Configuration` instead.
|
||||
* Deleted the deprecated `DefiningIdentifier` class and the `Definitions.qll` file it was in. Use `SsaDefinition` instead.
|
||||
* Deleted the deprecated `definitionReaches`, `localDefinitionReaches`, `getAPseudoDefinitionInput`, `nextDefAfter`, and `localDefinitionOverwrites` predicates from `DefUse.qll`.
|
||||
* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working.
|
||||
* `command-line-injection` to `command-injection`
|
||||
* `credentials[kind]` to `credentials-kind`
|
||||
- Added a support of sub modules in `node_modules`.
|
||||
|
||||
## 0.6.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Added support for TypeScript 5.1.
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
|
||||
- Added a support of sub modules in `node_modules`.
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working.
|
||||
* `command-line-injection` to `command-injection`
|
||||
* `credentials[kind]` to `credentials-kind`
|
||||
@@ -1,10 +1,19 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.6.3
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for TypeScript 5.1.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Deleted many deprecated predicates and classes with uppercase `XML`, `JSON`, `URL`, `API`, etc. in their names. Use the PascalCased versions instead.
|
||||
* Deleted the deprecated `localTaintStep` predicate from `DataFlow.qll`.
|
||||
* Deleted the deprecated `stringStep`, and `localTaintStep` predicates from `TaintTracking.qll`.
|
||||
* Deleted many modules that started with a lowercase letter. Use the versions that start with an uppercase letter instead.
|
||||
* Deleted the deprecated `HtmlInjectionConfiguration` and `JQueryHtmlOrSelectorInjectionConfiguration` classes from `DomBasedXssQuery.qll`, use `Configuration` instead.
|
||||
* Deleted the deprecated `DefiningIdentifier` class and the `Definitions.qll` file it was in. Use `SsaDefinition` instead.
|
||||
* Deleted the deprecated `definitionReaches`, `localDefinitionReaches`, `getAPseudoDefinitionInput`, `nextDefAfter`, and `localDefinitionOverwrites` predicates from `DefUse.qll`.
|
||||
* Deleted the deprecated `definitionReaches`, `localDefinitionReaches`, `getAPseudoDefinitionInput`, `nextDefAfter`, and `localDefinitionOverwrites` predicates from `DefUse.qll`.
|
||||
* Updated the following JavaScript sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working.
|
||||
* `command-line-injection` to `command-injection`
|
||||
* `credentials[kind]` to `credentials-kind`
|
||||
- Added a support of sub modules in `node_modules`.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.2
|
||||
lastReleaseVersion: 0.6.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-all
|
||||
version: 0.6.3-dev
|
||||
version: 0.6.3
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
||||
@@ -1,3 +1,11 @@
|
||||
## 0.6.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed an issue where calls to a method named `search` would lead to false positive alerts related to regular expressions.
|
||||
This happened when the call was incorrectly seen as a call to `String.prototype.search`, since this function converts its first argument
|
||||
to a regular expression. The analysis is now more restrictive about when to treat `search` calls as regular expression sinks.
|
||||
|
||||
## 0.6.2
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 0.6.3
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Fixed an issue where calls to a method named `search` would lead to false positive alerts related to regular expressions.
|
||||
This happened when the call was incorrectly seen as a call to `String.prototype.search`, since this function converts its first argument
|
||||
to a regular expression. The analysis is now more restrictive about when to treat `search` calls as regular expression sinks.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.6.2
|
||||
lastReleaseVersion: 0.6.3
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 0.6.3-dev
|
||||
version: 0.6.3
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
Reference in New Issue
Block a user