hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
e4be303a2359917aadf855ead7f38f67a7a86654
codeql/ruby/ql/lib/change-notes/released/0.6.3.md
github-actions[bot] e4be303a23 Release preparation for version 2.13.4
2023-06-08 19:57:37 +00:00

1.0 KiB
Raw Blame History

0.6.3

Minor Analysis Improvements

  • Deleted many deprecated predicates and classes with uppercase URL, XSS, etc. in their names. Use the PascalCased versions instead.
  • Deleted the deprecated getValueText predicate from the Expr, StringComponent, and ExprCfgNode classes. Use getConstantValue instead.
  • Deleted the deprecated VariableReferencePattern class, use ReferencePattern instead.
  • Deleted all deprecated aliases in StandardLibrary.qll, use codeql.ruby.frameworks.Core and codeql.ruby.frameworks.Stdlib instead.
  • Support for the sequel gem has been added. Method calls that execute queries against a database that may be vulnerable to injection attacks will now be recognized.
  • Support for the mysql2 gem has been added. Method calls that execute queries against an MySQL database that may be vulnerable to injection attacks will now be recognized.
  • Support for the pg gem has been added. Method calls that execute queries against a PostgreSQL database that may be vulnerable to injection attacks will now be recognized.