mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
21 lines
1011 B
Markdown
21 lines
1011 B
Markdown
## 2.0.0
|
|
|
|
### Breaking Changes
|
|
|
|
* The Java extractor no longer supports the `SEMMLE_DIST` legacy environment variable.
|
|
|
|
### Deprecated APIs
|
|
|
|
* The predicate `isAndroid` from the module `semmle.code.java.security.AndroidCertificatePinningQuery` has been deprecated. Use `semmle.code.java.frameworks.android.Android::inAndroidApplication(File)` instead.
|
|
|
|
### New Features
|
|
|
|
* Kotlin support is now out of beta, and generally available
|
|
* Kotlin versions up to 2.0.2*x* are now supported.
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* Added a path-injection sink for `hudson.FilePath.exists()`.
|
|
* Added summary models for `org.apache.commons.io.IOUtils.toByteArray`.
|
|
* Java build-mode `none` analyses now only report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|