codeql/actions/ql/lib/change-notes/released/0.4.2.md at c9e5dbda782fea39790bd736bebaa8a15d59226d · github/codeql · GitHub

6 lines (4 loc) · 294 Bytes

0.4.2

Bug Fixes

Fixed data for vulnerable versions of actions/download-artifact and rlespinasse/github-slug-action (following GHSA-cxww-7g56-2vh6 and GHSA-6q4m-7476-932w).
Improved untrustedGhCommandDataModel regex for gh pr view and Bash taint analysis in GitHub Actions.