Commit 26f624d

Merge pull request github#3285 from felicitymay/1.24/SD-61-Java-finalize-notes
1.24 release: finalize change notes for Java
2 parents dbff9b6 + 67e8a5c commit 26f624d

1 file changed

+8
-8
lines changed

change-notes/1.24/analysis-java.md

Lines changed: 8 additions & 8 deletions
@@ -4,7 +4,7 @@ The following changes in version 1.24 affect Java analysis in all applications.
44

55
## General improvements
66

7-
* Alert suppression can now be done with single-line block comments (`/* ... */`) as well as line comments (`// ...`).
7+
* You can now suppress alerts using either single-line block comments (`/* ... */`) or line comments (`// ...`).
88
* A `Customizations.qll` file has been added to allow customizations of the standard library that apply to all queries.
99

1010
## New queries
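
Review bot: the reworded bullet at new line 7 no longer says which comment form is new in 1.24. "using either single-line block comments ... or line comments" reads as if both forms are being introduced, whereas the removed wording ("as well as line comments") made it clear that block comments were added alongside an existing mechanism. Suggest keeping the active voice but restoring that distinction, for example: "You can now suppress alerts using single-line block comments (`/* ... */`), as well as line comments (`// ...`)." Because a suppression comment hides an alert, the note should leave no doubt about what newly counts as one.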
@@ -21,23 +21,23 @@ The following changes in version 1.24 affect Java analysis in all applications.
2121

2222
| **Query** | **Expected impact** | **Change** |
2323
|------------------------------|------------------------|-----------------------------------|
24-
| Dereferenced variable may be null (`java/dereferenced-value-may-be-null`) | Fewer false positives | Final fields with a non-null initializer are no longer reported. |
25-
| Expression always evaluates to the same value (`java/evaluation-to-constant`) | Fewer false positives | Expressions of the form `0 * x` are usually intended and no longer reported. Also left shift of ints by 32 bits and longs by 64 bits are no longer reported as they are not constant, these results are instead reported by the new query `java/lshift-larger-than-type-width`. |
26-
| Useless null check (`java/useless-null-check`) | More true positives | Useless checks on final fields with a non-null initializer are now reported. |
24+
| Dereferenced variable may be null (`java/dereferenced-value-may-be-null`) | Fewer false positive results | Final fields with a non-null initializer are no longer reported. |
25+
| Expression always evaluates to the same value (`java/evaluation-to-constant`) | Fewer false positive results | Expressions of the form `0 * x` are usually intended and no longer reported. Also left shift of ints by 32 bits and longs by 64 bits are no longer reported as they are not constant, these results are instead reported by the new query `java/lshift-larger-than-type-width`. |
26+
| Useless null check (`java/useless-null-check`) | More true positive results | Useless checks on final fields with a non-null initializer are now reported. |
2727

2828
## Changes to libraries
2929

3030
* The data-flow library has been improved, which affects and improves most security queries. The improvements are:
31-
- Track flow through methods that combine taint tracking with flow through fields.
32-
- Track flow through clone-like methods, that is, methods that read contents of a field from a
33-
parameter and stores the value in the field of a returned object.
31+
- Track flow through methods that combine taint tracking with flow through fields.
32+
- Track flow through clone-like methods, that is, methods that read contents of a field from a
33+
parameter and stores the value in the field of a returned object.
3434
* Identification of test classes has been improved. Previously, one of the
3535
match conditions would classify any class with a name containing the string
3636
"Test" as a test class, but now this matching has been replaced with one that
3737
looks for the occurrence of actual unit-test annotations. This affects the
3838
general file classification mechanism and thus suppression of alerts, and
3939
also any security queries using taint tracking, as test classes act as
4040
default barriers stopping taint flow.
41-
* Parentheses are now no longer modelled directly in the AST, that is, the
41+
* Parentheses are now no longer modeled directly in the AST, that is, the
4242
`ParExpr` class is empty. Instead, a parenthesized expression can be
4343
identified with the `Expr.isParenthesized()` member predicate.
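
Review bot: the sub-bullet at new lines 32-33 still has mismatched verbs ("methods that read contents of a field from a parameter and stores the value"); since those lines are already being touched, and the removed and added text is otherwise identical as rendered, this is the place to change "stores" to "store". The same applies to the `java/evaluation-to-constant` row at new line 25, where only the impact column was edited and the comma splice remains ("... as they are not constant, these results are instead reported by the new query ..."); splitting it into two sentences would match the tidier wording used elsewhere in this change. The "false positive results" and "modeled" edits look consistent across the hunk.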
