mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
21 lines
1.2 KiB
Markdown
21 lines
1.2 KiB
Markdown
## 0.5.0
|
|
|
|
### Breaking Changes
|
|
|
|
The predicates in the `MustFlow::Configuration` class used by the `MustFlow` library (`semmle.code.cpp.ir.dataflow.MustFlow`) have changed to be defined directly in terms of the C++ IR instead of IR dataflow nodes.
|
|
|
|
### Deprecated APIs
|
|
|
|
* Deprecated `semmle.code.cpp.ir.dataflow.DefaultTaintTracking`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
* Deprecated `semmle.code.cpp.security.TaintTrackingImpl`. Use `semmle.code.cpp.ir.dataflow.TaintTracking`.
|
|
* Deprecated `semmle.code.cpp.valuenumbering.GlobalValueNumberingImpl`. Use `semmle.code.cpp.valuenumbering.GlobalValueNumbering`, which exposes the same API.
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* The `ArgvSource` flow source now uses the second parameter of `main` as its source instead of the uses of this parameter.
|
|
* The `ArgvSource` flow source has been generalized to handle cases where the argument vector of `main` is not named `argv`.
|
|
* The `getaddrinfo` function is now recognized as a flow source.
|
|
* The `secure_getenv` and `_wgetenv` functions are now recognized as local flow sources.
|
|
* The `scanf` and `fscanf` functions and their variants are now recognized as flow sources.
|
|
* Deleted the deprecated `getName` and `getShortName` predicates from the `Folder` class.
|