- False positives in "Log entries created from user input" (
go/log-injection) and "Clear-text logging of sensitive information" (go/clear-text-logging) which involved the verb%Tin a format specifier have been fixed. As a result, some users may also see more alerts from the "Use of constantstatevalue in OAuth 2.0 URL" (go/constant-oauth2-state) query.