codeql/0.1.1.md at 66eaeebd1e690f2cbff2166f464d5ccb825acf87

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2026-06-25 14:47:04 +02:00

Files

github-actions[bot] 8e4cf190e9 Release preparation for version 2.9.1

2022-04-28 11:59:05 +00:00

0.1.1

Added a new query, rb/insecure-download. The query finds cases where executables and other sensitive files are downloaded over an insecure connection, which may allow for man-in-the-middle attacks.
Added a new query, rb/regex/missing-regexp-anchor, which finds regular expressions which are improperly anchored. Validations using such expressions are at risk of being bypassed.
Added a new query, rb/incomplete-sanitization. The query finds string transformations that do not replace or escape all occurrences of a meta-character.