Ruby: add change notes for Arel.sql / SqlConstruction changes

nickrolfe · nickrolfe · commit 0337ccb93a2f · 2022-11-10T14:11:14.000Z
diff --git a/ruby/ql/lib/change-notes/2022-11-10-arel-sql.md b/ruby/ql/lib/change-notes/2022-11-10-arel-sql.md
@@ -0,0 +1,5 @@
+---
+category: minorAnalysis
+---
+* The `codeql.ruby.Concepts` library now has a `SqlConstruction` class, in addition to the existing `SqlExecution` class.
+* Calls to `Arel.sql` are now modeled as instances of the new `SqlConstruction` concept.
diff --git a/ruby/ql/src/change-notes/2022-11-10-arel-sql.md b/ruby/ql/src/change-notes/2022-11-10-arel-sql.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `rb/sql-injection` query now considers consider SQL constructions, such as calls to `Arel.sql`, as sinks.

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +---
 +category: minorAnalysis
 +---
 +* The `rb/sql-injection` query now considers consider SQL constructions, such as calls to `Arel.sql`, as sinks.