зеркало из https://github.com/github/codeql.git
Release preparation for version 2.18.3
This commit is contained in:
github-actions[bot]
Родитель
2f3ebfb81f
Коммит
17cd9624fb
|
|
@ -1,3 +1,7 @@
|
|||
## 1.4.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.4.0
|
||||
|
||||
### New Features
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.4.1
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.4.0
|
||||
lastReleaseVersion: 1.4.1
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-all
|
||||
version: 1.4.1-dev
|
||||
version: 1.4.1
|
||||
groups: cpp
|
||||
dbscheme: semmlecode.cpp.dbscheme
|
||||
extractor: cpp
|
||||
|
|
|
|||
|
|
@ -1,3 +1,9 @@
|
|||
## 1.2.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results.
|
||||
|
||||
## 1.2.0
|
||||
|
||||
### Query Metadata Changes
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results.
|
||||
## 1.2.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* The `cpp/uncontrolled-allocation-size` ("Uncontrolled allocation size") query now considers arithmetic operations that might reduce the size of user input as a barrier. The query therefore produces fewer false positive results.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.2.0
|
||||
lastReleaseVersion: 1.2.1
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/cpp-queries
|
||||
version: 1.2.1-dev
|
||||
version: 1.2.1
|
||||
groups:
|
||||
- cpp
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.23
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.22
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.23
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.22
|
||||
lastReleaseVersion: 1.7.23
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-all
|
||||
version: 1.7.23-dev
|
||||
version: 1.7.23
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.7.23
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.7.22
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.7.23
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.7.22
|
||||
lastReleaseVersion: 1.7.23
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-solorigate-queries
|
||||
version: 1.7.23-dev
|
||||
version: 1.7.23
|
||||
groups:
|
||||
- csharp
|
||||
- solorigate
|
||||
|
|
|
|||
|
|
@ -1,3 +1,14 @@
|
|||
## 1.1.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled.
|
||||
* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: majorAnalysis
|
||||
---
|
||||
* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled.
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
## 1.1.0
|
||||
|
||||
### Major Analysis Improvements
|
||||
|
||||
* Added support for data flow through side-effects on static fields. For example, when a static field containing an array is updated.
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Added some new `local` source models. Most prominently `System.IO.Path.GetTempPath` and `System.Environment.GetFolderPath`. This might produce more alerts, if the `local` threat model is enabled.
|
||||
* The extractor has been changed to not skip source files that have already been seen. This has an impact on source files that are compiled multiple times in the build process. Source files with conditional compilation preprocessor directives (such as `#if`) are now extracted for each set of preprocessor symbols that are used during the build process.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.1.0
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-all
|
||||
version: 1.0.6-dev
|
||||
version: 1.1.0
|
||||
groups: csharp
|
||||
dbscheme: semmlecode.csharp.dbscheme
|
||||
extractor: csharp
|
||||
|
|
|
|||
|
|
@ -1,3 +1,10 @@
|
|||
## 1.0.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments.
|
||||
* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments.
|
||||
|
|
@ -1,4 +1,6 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
## 1.0.6
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Attributes in the `System.Runtime.CompilerServices` namespace are ignored when checking if a declaration requires documentation comments.
|
||||
* C# build-mode `none` analyses now report a warning on the CodeQL status page when there are significant analysis problems-- defined as 5% of expressions lacking a type, or 5% of call targets being unknown. Other messages reported on the status page are downgraded from warnings to notes and so are less prominent, but are still available for review.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/csharp-queries
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups:
|
||||
- csharp
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql-go-consistency-queries
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,17 @@
|
|||
## 1.1.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
- os
|
||||
- syscall
|
||||
- github.com/caarlos0/env
|
||||
- github.com/gobuffalo/envy
|
||||
- github.com/hashicorp/go-envparse
|
||||
- github.com/joho/godotenv
|
||||
- github.com/kelseyhightower/envconfig
|
||||
* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
|
||||
|
||||
## 1.1.4
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
- os
|
||||
- syscall
|
||||
- github.com/caarlos0/env
|
||||
- github.com/gobuffalo/envy
|
||||
- github.com/hashicorp/go-envparse
|
||||
- github.com/joho/godotenv
|
||||
- github.com/kelseyhightower/envconfig
|
||||
|
|
@ -1,4 +1,13 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.1.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Local source models for reading and parsing environment variables have been added for the following libraries:
|
||||
- os
|
||||
- syscall
|
||||
- github.com/caarlos0/env
|
||||
- github.com/gobuffalo/envy
|
||||
- github.com/hashicorp/go-envparse
|
||||
- github.com/joho/godotenv
|
||||
- github.com/kelseyhightower/envconfig
|
||||
* Local source models have been added for the APIs which open files in the `io/fs`, `io/ioutil` and `os` packages in the Go standard library. You can optionally include threat models as appropriate when using the CodeQL CLI and in GitHub code scanning. For more information, see [Analyzing your code with CodeQL queries](https://docs.github.com/code-security/codeql-cli/getting-started-with-the-codeql-cli/analyzing-your-code-with-codeql-queries#including-model-packs-to-add-potential-sources-of-tainted-data>) and [Customizing your advanced setup for code scanning](https://docs.github.com/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#extending-codeql-coverage-with-threat-models).
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.4
|
||||
lastReleaseVersion: 1.1.5
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-all
|
||||
version: 1.1.5-dev
|
||||
version: 1.1.5
|
||||
groups: go
|
||||
dbscheme: go.dbscheme
|
||||
extractor: go
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/go-queries
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups:
|
||||
- go
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-automodel-queries
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups:
|
||||
- java
|
||||
- automodel
|
||||
|
|
|
|||
|
|
@ -1,3 +1,15 @@
|
|||
## 3.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`).
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another.
|
||||
* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type.
|
||||
* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`.
|
||||
|
||||
## 3.0.0
|
||||
|
||||
### Breaking Changes
|
||||
|
|
|
|||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`).
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
category: fix
|
||||
---
|
||||
* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another.
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
## 3.0.1
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Threat-model for `System.in` changed from `commandargs` to newly created `stdin` (both subgroups of `local`).
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Fixed an issue where analysis in `build-mode: none` may very occasionally throw a `CoderMalfunctionError` while resolving dependencies provided by a build system (Maven or Gradle), which could cause some dependency resolution and consequently alerts to vary unpredictably from one run to another.
|
||||
* Fixed an issue where Java analysis in `build-mode: none` would fail to resolve dependencies using the `executable-war` Maven artifact type.
|
||||
* Fixed an issue where analysis in `build-mode: none` may fail to resolve dependencies of Gradle projects where the dependency uses a non-empty artifact classifier -- for example, `someproject-1.2.3-tests.jar`, which has the classifier `tests`.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 3.0.0
|
||||
lastReleaseVersion: 3.0.1
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-all
|
||||
version: 3.0.1-dev
|
||||
version: 3.0.1
|
||||
groups: java
|
||||
dbscheme: config/semmlecode.dbscheme
|
||||
extractor: java
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.2
|
||||
lastReleaseVersion: 1.1.3
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/java-queries
|
||||
version: 1.1.3-dev
|
||||
version: 1.1.3
|
||||
groups:
|
||||
- java
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.2
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.3
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.2
|
||||
lastReleaseVersion: 1.1.3
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-all
|
||||
version: 1.1.3-dev
|
||||
version: 1.1.3
|
||||
groups: javascript
|
||||
dbscheme: semmlecode.javascript.dbscheme
|
||||
extractor: javascript
|
||||
|
|
|
|||
|
|
@ -1,3 +1,11 @@
|
|||
## 1.1.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Message events in the browser are now properly classified as client-side taint sources. Previously they were
|
||||
incorrectly classified as server-side taint sources, which resulted in some alerts being reported by
|
||||
the wrong query, such as server-side URL redirection instead of client-side URL redirection.
|
||||
|
||||
## 1.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
---
|
||||
category: minorAnalysis
|
||||
---
|
||||
## 1.1.2
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
||||
* Message events in the browser are now properly classified as client-side taint sources. Previously they were
|
||||
incorrectly classified as server-side taint sources, which resulted in some alerts being reported by
|
||||
the wrong query, such as server-side URL redirection instead of client-side URL redirection.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.1
|
||||
lastReleaseVersion: 1.1.2
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/javascript-queries
|
||||
version: 1.1.2-dev
|
||||
version: 1.1.2
|
||||
groups:
|
||||
- javascript
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
name: codeql/suite-helpers
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups: shared
|
||||
warnOnImplicitThis: true
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
### Minor Analysis Improvements
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/python-all
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups: python
|
||||
dbscheme: semmlecode.python.dbscheme
|
||||
extractor: python
|
||||
|
|
|
|||
|
|
@ -1,3 +1,9 @@
|
|||
## 1.2.0
|
||||
|
||||
### New Queries
|
||||
|
||||
* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
|
||||
|
||||
## 1.1.0
|
||||
|
||||
### New Queries
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
category: newQuery
|
||||
---
|
||||
* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
|
||||
## 1.2.0
|
||||
|
||||
### New Queries
|
||||
|
||||
* The `py/cookie-injection` query, originally contributed to the experimental query pack by @jorgectf, has been promoted to the main query pack. This query finds instances of cookies being set without the `Secure`, `HttpOnly`, or `SameSite` attributes set to secure values.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.0
|
||||
lastReleaseVersion: 1.2.0
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/python-queries
|
||||
version: 1.1.1-dev
|
||||
version: 1.2.0
|
||||
groups:
|
||||
- python
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/ruby-all
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups: ruby
|
||||
extractor: ruby
|
||||
dbscheme: ruby.dbscheme
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.1.0
|
||||
|
||||
### New Queries
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.1.1
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.1.0
|
||||
lastReleaseVersion: 1.1.1
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/ruby-queries
|
||||
version: 1.1.1-dev
|
||||
version: 1.1.1
|
||||
groups:
|
||||
- ruby
|
||||
- queries
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/controlflow
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
|
|
|||
|
|
@ -1,3 +1,9 @@
|
|||
## 1.1.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The source/sink grouping feature of the data flow library has been removed. It was introduced primarily for debugging, but has not proven useful.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
---
|
||||
category: deprecated
|
||||
---
|
||||
## 1.1.0
|
||||
|
||||
### Deprecated APIs
|
||||
|
||||
* The source/sink grouping feature of the data flow library has been removed. It was introduced primarily for debugging, but has not proven useful.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.1.0
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/dataflow
|
||||
version: 1.0.6-dev
|
||||
version: 1.1.0
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
name: codeql/mad
|
||||
version: 1.0.6-dev
|
||||
version: 1.0.6
|
||||
groups: shared
|
||||
library: true
|
||||
dependencies:
|
||||
|
|
|
|||
|
|
@ -1,3 +1,7 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
||||
## 1.0.5
|
||||
|
||||
No user-facing changes.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
## 1.0.6
|
||||
|
||||
No user-facing changes.
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
---
|
||||
lastReleaseVersion: 1.0.5
|
||||
lastReleaseVersion: 1.0.6
|
||||
|
|
|
|||
Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше
Загрузка…
Ссылка в новой задаче