codeql/ruby/ql/lib/change-notes/released/0.7.0.md
2023-07-07 08:22:14 +00:00

0.7.0

Deprecated APIs

  • The Configuration taint flow configuration class from codeql.ruby.security.InsecureDownloadQuery has been deprecated. Use the Flow module instead.

Minor Analysis Improvements

  • More kinds of Rack applications are now recognized.
  • Rack::Response instances are now recognized as potential responses from Rack applications.
  • HTTP redirect responses from Rack applications are now recognized as a potential sink for open redirect alerts.
  • Additional sinks for rb/unsafe-deserialization have been added. This includes various methods from the yaml and plist gems, which deserialize YAML and Property List data, respectively.