mirror of
https://github.com/github/codeql.git
synced 2025-12-17 09:13:20 +01:00
21 lines
1.7 KiB
Markdown
21 lines
1.7 KiB
Markdown
## 0.6.3
|
|
|
|
### Major Analysis Improvements
|
|
|
|
* The extractor has been changed to run after the traced compiler call. This allows inspecting compiler generated files, such as the output of source generators. With this change, `.cshtml` files and their generated `.cshtml.g.cs` counterparts are extracted on dotnet 6 and above.
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* C#: Analysis of the `dotnet test` command supplied with a `dll` or `exe` file as argument no longer fails due to the addition of an erroneous `-p:SharedCompilation=false` argument.
|
|
* Deleted the deprecated `WebConfigXML`, `ConfigurationXMLElement`, `LocationXMLElement`, `SystemWebXMLElement`, `SystemWebServerXMLElement`, `CustomErrorsXMLElement`, and `HttpRuntimeXMLElement` classes from `WebConfig.qll`. The non-deprecated names with PascalCased Xml suffixes should be used instead.
|
|
* Deleted the deprecated `Record` class from both `Types.qll` and `Type.qll`.
|
|
* Deleted the deprecated `StructuralComparisonConfiguration` class from `StructuralComparison.qll`, use `sameGvn` instead.
|
|
* Deleted the deprecated `isParameterOf` predicate from the `ParameterNode` class.
|
|
* Deleted the deprecated `SafeExternalAPICallable`, `ExternalAPIDataNode`, `UntrustedDataToExternalAPIConfig`, `UntrustedExternalAPIDataNode`, and `ExternalAPIUsedWithUntrustedData` classes from `ExternalAPIsQuery.qll`. The non-deprecated names with PascalCased Api suffixes should be used instead.
|
|
* Updated the following C# sink kind names. Any custom data extensions that use these sink kinds will need to be updated accordingly in order to continue working.
|
|
* `code` to `code-injection`
|
|
* `sql` to `sql-injection`
|
|
* `html` to `html-injection`
|
|
* `xss` to `js-injection`
|
|
* `remote` to `file-content-store`
|