mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Release preparation for version 2.11.0
This commit is contained in:
github-actions[bot]
@@ -1,3 +1,17 @@
|
||||
## 0.4.0
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved how the JavaScript parser handles ambiguities between plain JavaScript and dialects such as Flow and E4X that use the same file extension. The parser now prefers plain JavaScript if possible, falling back to dialects only if the source code can not be parsed as plain JavaScript. Previously, there were rare cases where parsing would fail because the parser would erroneously attempt to parse dialect-specific syntax in a regular JavaScript file.
|
||||
- The `js/regexp/always-matches` query will no longer report an empty regular expression as always
|
||||
matching, as this is often the intended behavior.
|
||||
* The alert message of many queries have been changed to make the message consistent with other languages.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
- Fixed a bug in the `js/type-confusion-through-parameter-tampering` query that would cause it to ignore
|
||||
sanitizers in branching conditions. The query should now report fewer false positives.
|
||||
|
||||
## 0.3.4
|
||||
|
||||
## 0.3.3
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The alert message of many queries have been changed to make the message consistent with other languages.
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
category: fix
|
||||
---
|
||||
|
||||
- Fixed a bug in the `js/type-confusion-through-parameter-tampering` query that would cause it to ignore
|
||||
sanitizers in branching conditions. The query should now report fewer false positives.
|
||||
@@ -1,6 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
|
||||
- The `js/regexp/always-matches` query will no longer report an empty regular expression as always
|
||||
matching, as this is often the intended behavior.
|
||||
@@ -1,4 +0,0 @@
|
||||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Improved how the JavaScript parser handles ambiguities between plain JavaScript and dialects such as Flow and E4X that use the same file extension. The parser now prefers plain JavaScript if possible, falling back to dialects only if the source code can not be parsed as plain JavaScript. Previously, there were rare cases where parsing would fail because the parser would erroneously attempt to parse dialect-specific syntax in a regular JavaScript file.
|
||||
13
javascript/ql/src/change-notes/released/0.4.0.md
Normal file
13
javascript/ql/src/change-notes/released/0.4.0.md
Normal file
@@ -0,0 +1,13 @@
|
||||
## 0.4.0
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Improved how the JavaScript parser handles ambiguities between plain JavaScript and dialects such as Flow and E4X that use the same file extension. The parser now prefers plain JavaScript if possible, falling back to dialects only if the source code can not be parsed as plain JavaScript. Previously, there were rare cases where parsing would fail because the parser would erroneously attempt to parse dialect-specific syntax in a regular JavaScript file.
|
||||
- The `js/regexp/always-matches` query will no longer report an empty regular expression as always
|
||||
matching, as this is often the intended behavior.
|
||||
* The alert message of many queries have been changed to make the message consistent with other languages.
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
- Fixed a bug in the `js/type-confusion-through-parameter-tampering` query that would cause it to ignore
|
||||
sanitizers in branching conditions. The query should now report fewer false positives.
|
||||
@@ -1,2 +1,2 @@
|
||||
---
|
||||
lastReleaseVersion: 0.3.4
|
||||
lastReleaseVersion: 0.4.0
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
name: codeql/javascript-queries
|
||||
version: 0.4.0-dev
|
||||
version: 0.4.0
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
||||
Reference in New Issue
Block a user