hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-11 20:51:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cd73dcfb048d573d4eee428f39f741d172c22b00
codeql/java/ql/lib/change-notes/released/8.0.0.md
Henry Mercer 38fcc61817 Fix formatting in Kotlin changelog
2026-02-02 12:10:15 +00:00

1.6 KiB
Raw Blame History

8.0.0

Breaking Changes

  • Support for Kotlin 1.6.x and 1.7.x series has been dropped

New Features

  • Kotlin versions up to 2.3.0 are now supported.

Minor Analysis Improvements

  • Added support for Struts 7.x package names in the Struts framework library. The library now recognizes both the legacy com.opensymphony.xwork2 package names (Struts 2.x-6.x) and the new org.apache.struts2 package names (Struts 7.x+), maintaining backward compatibility while enabling analysis of code using the latest Struts versions.
  • The query java/unreleased-lock no longer applies to lock types with names ending in "Pool", as these typically manage a collection of resources and the lock and unlock methods typically only lock one resource at a time. This may lead to a reduction in false positives.
  • The predicate SummarizedCallable.propagatesFlow has been extended with the columns Provenance p and boolean isExact, and as a consequence the predicates SummarizedCallable.hasProvenance and SummarizedCallable.hasExactModel have been removed.
  • When Maven-compatible private package registries are configured for an organisation for Default Setup, CodeQL will now configure Maven to also use these as plugin repositories. CodeQL previously already configured Maven to use them as regular package repositories. This should now allow Maven plugins to be obtained from private registries.

Bug Fixes

  • Kotlin: The Kotlin extractor now registers as the last IR generation extension, ensuring that code generated by other compiler plugins (such as kotlinx.serialization) is correctly captured.