codeql/0.8.3.md at codeql-cli-2.20.2

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00

Files

github-actions[bot] 6ec9b95072 Release preparation for version 2.15.3

2023-11-16 13:07:16 +00:00

0.8.3

In SensitiveApi.qll, javaApiCallablePasswordParam, javaApiCallableUsernameParam, javaApiCallableCryptoKeyParam, and otherApiCallableCredentialParam predicates have been deprecated. They have been replaced with a new class CredentialsSinkNode and its child classes PasswordSink, UsernameSink, and CryptoKeySink. The predicates have been changed to using the new classes, so there may be minor changes in results relying on these predicates.

The types java.util.SequencedCollection, SequencedSet and SequencedMap, as well as the related Collections.unmodifiableSequenced* methods are now modelled. This means alerts may be raised relating to data flow through these types and methods.