codeql/2.8.0.md at 52acaec03d3f5a331bd91f9896892dcfd6fa9a80

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-06-28 08:07:04 +02:00

Files

github-actions[bot] 237c5639e2 Release preparation for version 2.26.0

2026-06-25 15:27:00 +00:00

2.8.0

Added UseMemoDirective and UseNoMemoDirective classes to model the React compiler directives "use memo" and "use no memo".

Added more prompt-injection sinks for the OpenAI, Anthropic, and Google GenAI SDKs: OpenAI videos.create/edit/extend/remix (Sora) prompts and beta.realtime.sessions.create instructions, Anthropic legacy completions.create prompts, and Google GenAI caches.create cached contents and system instructions.
The OpenAI legacy completions.create prompt is now treated as a user-prompt-injection sink instead of a system-prompt-injection sink, since the legacy /v1/completions endpoint takes a single free-form prompt with no role separation.