mirror of
https://github.com/github/codeql.git
synced 2026-04-11 18:14:01 +02:00
0.1.0
Minor Analysis Improvements
- The `cpp/cleartext-transmission` query now recognizes additional sources for sensitive private data, such as e-mail addresses and credit card numbers.
- The `cpp/unused-local-variable` query no longer ignores functions that include lambda expressions capturing trivially copyable objects.
- The `cpp/command-line-injection` query now takes into account calling contexts across string concatenations. This removes false positives due to mismatched calling contexts before and after string concatenations.
- A new query, "Potential exposure of sensitive system data to an unauthorized control sphere" (`cpp/potential-system-data-exposure`), has been added. This query is focused on exposure of information that is highly likely to be sensitive, whereas the similar query "Exposure of system data to an unauthorized control sphere" (`cpp/system-data-exposure`) is focused on exposure of information on a channel that is more likely to be intercepted by an attacker.