-
Notifications
You must be signed in to change notification settings - Fork 2
/
Changes
80 lines (66 loc) · 3.17 KB
/
Changes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
Revision history for Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection
{{$NEXT}}
2.000001 2021-03-05 15:39:11Z
- Bump minimum PPI version to 1.222 (GH#1) (Olaf Alders)
2.000000 2021-03-04 22:59:36Z
- Added test for heredoc terminators
https://github.com/guillaumeaubert/Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection/pull/17
(Victor Efimov)
- Reset `_sqlsafe` when scanning multiple documents; added tests
https://github.com/guillaumeaubert/Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection/pull/22
(Charlie Garrison)
- New test cases related to anonymous functions
https://github.com/guillaumeaubert/Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection/pull/18
(Victor Efimov)
- Add safe_context configuration option
https://github.com/guillaumeaubert/Perl-Critic-Policy-ValuesAndExpressions-PreventSQLInjection/pull/23
(Nelson Ferraz)
- Added a new "prefer_upper_case_keywords" configuration option (Olaf Alders)
- Added detection for ALTER, CREATE and DROP statements.
v1.4.0 2017-03-22
- Relicensed under Perl 5 terms.
- Cleaned up dependencies.
v1.3.1 2014-04-20
- Fixed "package version matches dist version" for CPANTS.
- Fixed license declared in meta files.
- Refactored to use String::InterpolatedVariables.
v1.3.0 2014-03-26
- (GH-12) Fixed handling of ternary operators.
- (GH-13) Added detection of function / class method calls, added
support for marking functions / class methods as safe from SQL
injection risks.
- (GH-13) Allowed configuring the list of safe functions, class
methods, and object methods via .perlcriticrc.
- (GH-14) Fixed handling of quoted heredoc blocks (thanks Victor Efimov
for finding the issue).
- (GH-16) Fixed double-quoted string test.
- Added many tests, thanks to Victor Efimov.
- Updated list of current limitations of the module.
- Clarified documentation.
v1.2.0 2013-12-30
- Added support for commas (in addition to spaces) in safe variable
lists (GH-9).
- Fixed detection of array indexes in variables.
- Fixed parsing of spaces in quoted hash keys.
- Tightened detection of quoting methods.
v1.1.5 2013-12-05
- Added detection of quote() and quote_identifier(), to prevent the
detection of false-positives (GH-8).
v1.1.4 2013-12-03
- Fixed whitelisting of concatenated variables (GH-7).
v1.1.3 2013-11-20
- Decreased false-positive by looking for SQL keywords at the beginning
of the strings (GH-6).
v1.1.2 2013-11-19
- Fixed detection of the end of SQL statements in array elements
(GH-5).
v1.1.1 2013-11-09
- Support for Perl v5.8.
v1.1.0 2013-11-08
- Added detection of SQL injection flaws introduced via
heredoc blocks (GH-1) and concatenation (GH-2).
v1.0.1 2013-10-15
- Added missing dependency.
- Ignored warnings in dependencies when testing.
v1.0.0 2013-10-14
- Public release.