codeql/2.0.0.md at codeql-cli-2.22.2 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Files

Chuan-kai Lin a5fe3f4d9c Minor changelog improvements

2024-07-22 14:34:56 -07:00

1011 B

Raw Permalink Blame History

2.0.0

Breaking Changes

The Java extractor no longer supports the SEMMLE_DIST legacy environment variable.

Deprecated APIs

The predicate isAndroid from the module semmle.code.java.security.AndroidCertificatePinningQuery has been deprecated. Use semmle.code.java.frameworks.android.Android::inAndroidApplication(File) instead.

New Features

Kotlin support is now out of beta, and generally available
Kotlin versions up to 2.0.2x are now supported.

Minor Analysis Improvements

Added a path-injection sink for hudson.FilePath.exists().
Added summary models for org.apache.commons.io.IOUtils.toByteArray.
Java build-mode none analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.