codeql/0.2.4.md at main

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-02-12 13:11:20 +01:00

Files

Jon Janego 1c5a9053f9 Fix typo in call graph description in change notes

2026-01-27 09:17:40 -06:00

0.2.4

The Deref trait is now considered during method resolution. This means that method calls on receivers implementing the Deref trait will correctly resolve to methods defined on the target type. This may result in additional query results, especially for data flow queries.
Renamed the Adt class to TypeItem and moved common predicates from Struct, Enum, and Union to TypeItem.
Added models for the Axum web application framework.
Reading content of a value now carries taint if the value itself is tainted. For instance, if s is tainted then s.field is also tainted. This generally improves taint flow.
The call graph is now more precise for calls that target a trait function with a default implementation. This reduces the number of false positives for data flow queries.
Improved type inference for raw pointers (*const and *mut). This includes type inference for the raw borrow operators (&raw const and &raw mut) and dereferencing of raw pointers.