mirror of
https://github.com/github/codeql.git
synced 2025-12-18 01:33:15 +01:00
9 lines
558 B
Markdown
9 lines
558 B
Markdown
## 0.4.3
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* There was a bug in `TaintTracking::localTaint` and `TaintTracking::localTaintStep` such that they only tracked non-value-preserving flow steps. They have been fixed and now also include value-preserving steps.
|
|
* Instantiations using `Faraday::Connection.new` are now recognized as part of `FaradayHttpRequest`s, meaning they will be considered as sinks for queries such as `rb/request-forgery`.
|
|
* Taint flow is now tracked through extension methods on `Hash`, `String` and
|
|
`Object` provided by `ActiveSupport`.
|