Release preparation for version 2.9.0

github-actions[bot]
2022-04-21 14:49:00 +00:00
parent b6309c9db0
commit eeaf233c29
85 changed files with 275 additions and 160 deletions

@@ -0,0 +1,9 @@
## 0.1.0
### New Queries
* Added a new query, `rb/insecure-dependency`. The query finds cases where Ruby gems may be downloaded over an insecure communication channel.
* Added a new query, `rb/weak-cryptographic-algorithm`. The query finds uses of cryptographic algorithms that are known to be weak, such as DES.
* Added a new query, `rb/http-tainted-format-string`. The query finds cases where data from remote user input is used in a string formatting method in a way that allows arbitrary format specifiers to be inserted.
* Added a new query, `rb/http-to-file-access`. The query finds cases where data from remote user input is written to a file.
* Added a new query, `rb/incomplete-url-substring-sanitization`. The query finds instances where a URL is incompletely sanitized due to insufficient checks.
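
Review bot: The last entry, for `rb/incomplete-url-substring-sanitization`, is circular ("incompletely sanitized due to insufficient checks") and does not tell a reader what code pattern gets flagged. Going by the query id, say that it concerns substring checks on a URL, the way the other four entries name the concrete condition they detect. The same applies, to a lesser degree, to the `rb/http-to-file-access` entry, which states what is found but not why a write of remote input to a file is reported. Separately, the section is headed `## 0.1.0` while the commit title prepares version 2.9.0; if 0.1.0 is this component's own version, that is fine, but it is worth confirming the heading was not left at a template value.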