FilesExpand file tree

 codeql-cli-2.25.2

/

1.1.10.md

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

7 lines (5 loc) · 764 Bytes

 codeql-cli-2.25.2

/

1.1.10.md

Top

File metadata and controls

• Preview
• Code
• Blame

7 lines (5 loc) · 764 Bytes

Raw

Copy raw file

Download raw file

Outline

Edit and raw actions

1.1.10

Minor Analysis Improvements

• Added SHA-384 to the list of secure hashing algorithms. As a result the java/potentially-weak-cryptographic-algorithm query should no longer flag up uses of SHA-384.
• Added SHA3 to the list of secure hashing algorithms. As a result the java/potentially-weak-cryptographic-algorithm query should no longer flag up uses of SHA3.
• The java/weak-cryptographic-algorithm query has been updated to no longer report uses of hash functions such as MD5 and SHA1 even if they are known to be weak. These hash algorithms are used very often in non-sensitive contexts, making the query too imprecise in practice. The java/potentially-weak-cryptographic-algorithm query has been updated to report these uses instead.