hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
alexet/avoid-path-node-java
codeql/ruby/ql/lib/change-notes/released/0.3.1.md
github-actions[bot] d1aa0d7dd3 Release preparation for version 2.10.1
2022-07-14 08:56:03 +00:00

9 lines
592 B
Markdown
Raw Permalink Blame History

## 0.3.1
### Minor Analysis Improvements
* Fixed a bug causing every expression in the database to be considered a system-command execution sink when calls to any of the following methods exist:
* The `spawn`, `fspawn`, `popen4`, `pspawn`, `system`, `_pspawn` methods and the backtick operator from the `POSIX::spawn` gem.
* The `execute_command`, `rake`, `rails_command`, and `git` methods in `Rails::Generation::Actions`.
* Improved modeling of sensitive data sources, so common words like `certain` and `secretary` are no longer considered a certificate and a secret (respectively).
Reference in New Issue View Git Blame Copy Permalink