codeql/java/ql/lib/change-notes/released/8.1.0.md
2026-02-16 13:29:25 +00:00

8.1.0

Deprecated APIs

  • The UnreachableBlocks.qll library has been deprecated.
  • Renamed the following predicates to increase uniformity across languages. The getBody predicate already existed on LoopStmt, but is now properly inherited.
    • UnaryExpr.getExpr to getOperand.
    • ConditionalExpr.getTrueExpr to getThen.
    • ConditionalExpr.getFalseExpr to getElse.
    • ReturnStmt.getResult to getExpr.
    • WhileStmt.getStmt to getBody.
    • DoStmt.getStmt to getBody.
    • ForStmt.getStmt to getBody.
    • EnhancedForStmt.getStmt to getBody.

Minor Analysis Improvements

  • Using a regular expression to check that a string doesn't contain any line breaks is already a sanitizer for java/log-injection. Additional ways of doing the regular expression check are now recognised, including annotation with @javax.validation.constraints.Pattern.
  • More ways of checking that a string matches a regular expression are now considered as sanitizers for various queries, including java/ssrf and java/path-injection. In particular, being annotated with @javax.validation.constraints.Pattern is now recognised as a sanitizer for those queries.
  • Kotlin versions up to 2.3.10 are now supported.
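
The two sanitizer notes above, shown as Java source: an unchecked log call next to the regular-expression guards and the @javax.validation.constraints.Pattern form. This is an added example, not code from the CodeQL repository. The class, method names and the pattern \w{1,64} are hypothetical, and it is an assumption that the query's model treats each of these exact forms as a sanitizer.

```java
import java.util.logging.Logger;
import javax.validation.constraints.Pattern;

// Constructed example; all names here are hypothetical.
public class LoginAudit {
    private static final Logger LOG = Logger.getLogger(LoginAudit.class.getName());

    // \w matches only [a-zA-Z_0-9], so CR and LF can never be part of a match.
    private static final java.util.regex.Pattern SAFE_NAME =
            java.util.regex.Pattern.compile("\\w{1,64}");

    // Before: the user-controlled value reaches the log unchanged, so embedded
    // line breaks can forge additional log entries (java/log-injection).
    public void logUnchecked(String username) {
        LOG.info("Login attempt for " + username);
    }

    // Guard 1: String.matches() must match the entire input.
    public void logWithStringMatches(String username) {
        if (username != null && username.matches("\\w{1,64}")) {
            LOG.info("Login attempt for " + username);
        } else {
            LOG.warning("Login attempt with rejected user name");
        }
    }

    // Guard 2: precompiled pattern. Matcher.matches() anchors both ends;
    // Matcher.find() would accept "alice\nFAKE ENTRY" and is not a line-break check.
    public void logWithCompiledPattern(String username) {
        if (username != null && SAFE_NAME.matcher(username).matches()) {
            LOG.info("Login attempt for " + username);
        } else {
            LOG.warning("Login attempt with rejected user name");
        }
    }

    // Guard 3: Bean Validation constraint on the parameter. The constraint is
    // enforced at runtime only if a validator actually runs for this call
    // (for example, method validation enabled in the framework), and @Pattern
    // treats null as valid.
    public void logWithConstraint(@Pattern(regexp = "\\w{1,64}") String username) {
        LOG.info("Login attempt for " + username);
    }
}
```

When a java/log-injection alert disappears because of an annotation like the one in Guard 3, confirm that validation is actually wired in for that code path, since the analysis result and the runtime behaviour can differ if no validator is invoked.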