hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 15:49:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8a318ce4e741ebb90b3bec8ca493605a5282bdcf
codeql/change-notes/1.23/analysis-csharp.md
Anders Schack-Mulligen 455bb6cd15 Java/C++/C#: Add change notes.
2019-08-30 14:35:21 +02:00

1.3 KiB
Raw Blame History

Improvements to C# analysis

The following changes in version 1.23 affect C# analysis in all applications.

Changes to existing queries

Query Expected impact Change

Removal of old queries

Changes to code extraction

  • nameof expressions are now extracted correctly when the name is a namespace.

Changes to QL libraries

  • The new class NamespaceAccess models accesses to namespaces, for example in nameof expressions.
  • The data-flow library now makes it easier to specify barriers/sanitizers arising from guards by overriding the predicate isBarrierGuard/isSanitizerGuard on data-flow and taint-tracking configurations respectively.
  • The data-flow library has been extended with a new feature to aid debugging. Instead of specifying isSink(Node n) { any() } on a configuration to explore the possible flow from a source, it is recommended to use the new Configuration::hasPartialFlow predicate, as this gives a more complete picture of the partial flow paths from a given source. The feature is disabled by default and can be enabled for individual configurations by overriding int explorationLimit().

Changes to autobuilder