codeql/ruby/ql/lib/change-notes/released/0.3.1.md
2022-07-14 08:56:03 +00:00

0.3.1

Minor Analysis Improvements

  • Fixed a bug causing every expression in the database to be considered a system-command execution sink when calls to any of the following methods exist:
    • The `spawn`, `fspawn`, `popen4`, `pspawn`, `system`, `_pspawn` methods and the backtick operator from the `POSIX::spawn` gem.
    • The `execute_command`, `rake`, `rails_command`, and `git` methods in `Rails::Generation::Actions`.
  • Improved modeling of sensitive data sources, so common words like `certain` and `secretary` are no longer considered a certificate and a secret (respectively).