codeql/java/ql/lib/change-notes/released/0.5.4.md
2023-03-03 14:11:51 +00:00

0.5.4

Minor Analysis Improvements

  • Added new sinks for java/hardcoded-credential-api-call to identify the use of hardcoded secrets in the creation and verification of JWT tokens using com.auth0.jwt. These sinks are from an experimental query submitted by @luchua.
  • The Java extractor now supports builds against JDK 20.
  • The query java/hardcoded-credential-api-call now recognizes methods that accept user and password from the SQLServerDataSource class of the Microsoft JDBC Driver for SQL Server.
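The code shapes these notes refer to, as an added example that is not taken from the CodeQL repository: a literal secret reaching com.auth0.jwt signing and verification and SQLServerDataSource credentials, beside a variant that reads them at runtime. It assumes java-jwt 4.x and mssql-jdbc on the classpath; the note does not list the exact modeled methods, so treating Algorithm.HMAC256, setUser and setPassword as sinks is an assumption, and the class name, environment variable names and literal values are constructed.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.microsoft.sqlserver.jdbc.SQLServerDataSource;

public class CredentialSourceDemo {  // hypothetical class name

    // BEFORE: a string literal becomes the HMAC key for token creation.
    static String signHardcoded(String subject) {
        Algorithm alg = Algorithm.HMAC256("constructed-demo-secret");
        return JWT.create().withSubject(subject).sign(alg);
    }

    // BEFORE: the same literal on the verification side.
    static DecodedJWT verifyHardcoded(String token) {
        return JWT.require(Algorithm.HMAC256("constructed-demo-secret")).build().verify(token);
    }

    // BEFORE: literal user and password on the Microsoft JDBC data source.
    static SQLServerDataSource dataSourceHardcoded() {
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setUser("app_user");
        ds.setPassword("constructed-demo-password");
        return ds;
    }

    // AFTER: fail closed when the secret is absent instead of falling back to a default.
    static String requireEnv(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("missing required setting: " + name);
        }
        return value;
    }

    static Algorithm runtimeAlgorithm() {
        return Algorithm.HMAC256(requireEnv("JWT_HMAC_SECRET"));  // assumed variable name
    }

    static SQLServerDataSource dataSourceFromEnv() {
        SQLServerDataSource ds = new SQLServerDataSource();
        ds.setUser(requireEnv("DB_USER"));          // assumed variable name
        ds.setPassword(requireEnv("DB_PASSWORD"));  // assumed variable name
        return ds;
    }

    public static void main(String[] args) {
        String token = JWT.create().withSubject("alice").sign(runtimeAlgorithm());
        System.out.println(JWT.require(runtimeAlgorithm()).build().verify(token).getSubject());
    }
}
```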