- Added a new query,
rust/log-injection, for detecting cases where log entries could be forged by a malicious user.
- The "Low Rust analysis quality" query (
rust/diagnostic/database-quality) has been tuned so that it won't trigger on databases that have extracted normally. This will remove spurious messages of "Low Rust analysis quality" on the CodeQL status page. - Fixed an inconsistency across languages where most have a
Customizations.qllfile for adding customizations, but not all did.