mirror of
https://github.com/github/codeql.git
synced 2026-04-29 02:35:15 +02:00
49bbfc3f4b
I also drop the previous approach of taint-tracking through various builder objects in favour of assuming that a URI set in a request-builder object is highly likely to end up requested in some way or another. This will cause the `java/non-https-url` query to pick the new sinks up too, and fixes a Spring case that had never worked but went unnoticed until now.