## 0.4.3

### New Queries

* Added a new query, `js/second-order-command-line-injection`, to detect shell
  commands that may execute arbitrary code when the user has control over 
  the arguments to a command-line program.
  This currently flags up unsafe invocations of git and hg.

### Minor Analysis Improvements

* Added sources for user defined path and query parameters in `Next.js`.
* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages.