codeql/2022-07-18-sqli-in-activerecord-relation-annotate.md at e43755b34fc3de0ecb3062998f369891e10624c1 - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00

Files

thiggy1342 962155fd61 fix changenotes

2022-07-19 00:33:04 +00:00

189 B

Raw Blame History

category

category
minorAnalysis

Calls to ActiveRecord::Relation#annotate are now recognized asSqlExecutions so that it will be considered as a sink for queries like rb/sql-injection.