lgtm,codescanning
* A new query (`rb/path-injection`) has been added. The query finds file operations using paths that derive from user input without being sanitized.