mirror of
https://github.com/github/codeql.git
synced 2025-12-20 18:56:32 +01:00
11 lines
972 B
Markdown
11 lines
972 B
Markdown
## 1.1.2
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* DataFlow queries which previously used `RemoteFlowSource` to define their sources have been modified to instead use `ThreatModelFlowSource`. This means these queries will now respect threat model configurations. The default threat model configuration is equivalent to `RemoteFlowSource`, so there should be no change in results for users using the default.
|
|
* Added the `ThreatModelFlowSource` class to `FlowSources.qll`. The `ThreatModelFlowSource` class can be used to include sources which match the current *threat model* configuration. This is the first step in supporting threat modeling for Go.
|
|
|
|
### Bug Fixes
|
|
|
|
* Fixed dataflow via global variables other than via a direct write: for example, via a side-effect on a global, such as `io.copy(SomeGlobal, ...)` or via assignment to a field or array or slice cell of a global. This means that any data-flow query may return more results where global variables are involved.
|