hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.9.2

Browse Source
This commit is contained in:
github-actions[bot]
2022-05-12 10:17:28 +00:00
parent e0c74d4390
commit ee9980b31c
74 changed files with 268 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/src/change-notes/released/0.1.2.md Normal file
View File

@@ -0,0 +1,12 @@
## 0.1.2
### Query Metadata Changes
* Query `java/predictable-seed` now has a tag for CWE-337.
### Minor Analysis Improvements
* Query `java/insecure-cookie` now tolerates setting a cookie's secure flag to `request.isSecure()`. This means servlets that intentionally accept unencrypted connections will no longer raise an alert.
* The query `java/non-https-urls` has been simplified
and no longer requires its sinks to be `MethodAccess`es.
* The logic to detect `WebView`s with JavaScript (and optionally file access) enabled in the query `java/android/unsafe-android-webview-fetch` has been improved.