hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
573e53e454a809dba8929d8cb27fea1423e38598
codeql/java/ql/lib/change-notes/released/7.0.0.md
github-actions[bot] 573e53e454 Release preparation for version 2.20.4
2025-02-03 15:19:35 +00:00

1.1 KiB
Raw Blame History

7.0.0

Breaking Changes

  • Deleted the deprecated isLValue and isRValue predicates from the VarAccess class, use isVarWrite and isVarRead respectively instead.
  • Deleted the deprecated getRhs predicate from the VarWrite class, use getASource instead.
  • Deleted the deprecated LValue and RValue classes, use VarWrite and VarRead respectively instead.
  • Deleted a lot of deprecated classes ending in "*Access", use the corresponding "*Call" classes instead.
  • Deleted a lot of deprecated predicates ending in "*Access", use the corresponding "*Call" predicates instead.
  • Deleted the deprecated EnvInput and DatabaseInput classes from FlowSources.qll, use the threat models feature instead.
  • Deleted some deprecated API predicates from SensitiveApi.qll, use the Sink classes from that file instead.

Minor Analysis Improvements

  • We now allow classes which don't have any JAX-RS annotations to inherit JAX-RS annotations from superclasses or interfaces. This is not allowed in the JAX-RS specification, but some implementations, like Apache CXF, allow it. This may lead to more alerts being found.