hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
dd31be43e07d901bafb543c8f65be8e9b5abb364
codeql/ruby/ql/lib/change-notes/released/0.4.0.md
github-actions[bot] f5cf8cffa3 Release preparation for version 2.11.0
2022-09-22 20:14:12 +00:00

1.1 KiB
Raw Blame History

0.4.0

Breaking Changes

  • import ruby no longer brings the standard Ruby AST library into scope; it instead brings a module Ast into scope, which must be imported. Alternatively, it is also possible to import codeql.ruby.AST.
  • Changed the HTTP::Client::Request concept from using MethodCall as base class, to using DataFlow::Node as base class. Any class that extends HTTP::Client::Request::Range must be changed, but if you only use the member predicates of HTTP::Client::Request, no changes are required.

Deprecated APIs

  • Some classes/modules with upper-case acronyms in their name have been renamed to follow our style-guide. The old name still exists as a deprecated alias.

Minor Analysis Improvements

  • Uses of ActionView::FileSystemResolver are now recognized as filesystem accesses.
  • Accesses of ActiveResource models are now recognized as HTTP requests.

Bug Fixes

  • Fixed an issue in the taint tracking analysis where implicit reads were not allowed by default in sinks or additional taint steps that used flow states.