mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
8 lines
563 B
Markdown
8 lines
563 B
Markdown
## 0.5.4
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* Added new sinks for `java/hardcoded-credential-api-call` to identify the use of hardcoded secrets in the creation and verification of JWT tokens using `com.auth0.jwt`. These sinks are from [an experimental query submitted by @luchua](https://github.com/github/codeql/pull/9036).
|
|
* The Java extractor now supports builds against JDK 20.
|
|
* The query `java/hardcoded-credential-api-call` now recognizes methods that accept user and password from the SQLServerDataSource class of the Microsoft JDBC Driver for SQL Server.
|