mirror of
https://github.com/github/codeql.git
synced 2025-12-18 01:33:15 +01:00
13 lines
919 B
Markdown
13 lines
919 B
Markdown
## 4.0.0
|
|
|
|
### Breaking Changes
|
|
|
|
* Deleted the deprecated `describeBitSize` predicate from `IncorrectIntegerConversionLib.qll`
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* Models-as-data models using "Parameter", "Parameter[n]" or "Parameter[n1..n2]" as the output now work correctly.
|
|
* By implementing `ImplicitFieldReadNode` it is now possible to declare a dataflow node that reads any content (fields, array members, map keys and values). For example, this is appropriate for modelling a serialization method that flattens a potentially deep data structure into a string or byte array.
|
|
* The `Template.Execute[Template]` methods of the `text/template` package now correctly convey taint from any nested fields to their result. This may produce more results from any taint-tracking query when the `text/template` package is in use.
|
|
* Added the [rs cors](https://github.com/rs/cors) library to the CorsMisconfiguration.ql query
|