hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
573e53e454a809dba8929d8cb27fea1423e38598
codeql/go/ql/lib/change-notes/released/4.0.0.md
github-actions[bot] 573e53e454 Release preparation for version 2.20.4
2025-02-03 15:19:35 +00:00

919 B
Raw Blame History

4.0.0

Breaking Changes

  • Deleted the deprecated describeBitSize predicate from IncorrectIntegerConversionLib.qll

Minor Analysis Improvements

  • Models-as-data models using "Parameter", "Parameter[n]" or "Parameter[n1..n2]" as the output now work correctly.
  • By implementing ImplicitFieldReadNode it is now possible to declare a dataflow node that reads any content (fields, array members, map keys and values). For example, this is appropriate for modelling a serialization method that flattens a potentially deep data structure into a string or byte array.
  • The Template.Execute[Template] methods of the text/template package now correctly convey taint from any nested fields to their result. This may produce more results from any taint-tracking query when the text/template package is in use.
  • Added the rs cors library to the CorsMisconfiguration.ql query