codeql/0.6.0.md at ea4c2e432100cb15e4ad5448d02c36153a6f9f95

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-21 11:16:30 +01:00

Files

Jeroen Ketema af2c321380 Update python/ql/src/change-notes/released/0.6.0.md

2023-01-05 18:01:28 +01:00

0.6.0

The analysis/AlertSuppression.ql query has moved to the root folder. Users that refer to this query by path should update their configurations. The query has been updated to support the new # codeql[query-id] supression comments. These comments can be used to suppress an alert and must be placed on a blank line before the alert. In addition the legacy # lgtm and # lgtm[query-id] comments can now also be placed on the line before an alert.
Bumped the minimum keysize we consider secure for elliptic curve cryptography from 224 to 256 bits, following current best practices. This might effect results from the Use of weak cryptographic key (py/weak-crypto-key) query.
Added modeling of getpass.getpass as a source of passwords, which will be an additional source for py/clear-text-logging-sensitive-data, py/clear-text-storage-sensitive-data, and py/weak-sensitive-data-hashing.