lgtm,codescanning
* A new query (`rb/request-forgery`) has been added. The query finds HTTP requests made with user-controlled URLs.