0.5.5

New Features

• Added support for merging two PathGraphs via disjoint union to allow results from multiple data flow computations in a single path-problem query.

Major Analysis Improvements

• The main data flow and taint tracking APIs have been changed. The old APIs remain in place for now and translate to the new through a backwards-compatible wrapper. If multiple configurations are in scope simultaneously, then this may affect results slightly. The new API is quite similar to the old, but makes use of a configuration module instead of a configuration class.

Minor Analysis Improvements

• Data flow through initialize methods is now taken into account also when the receiver of a new call is an (implicit or explicit) self.
• The Active Record query methods reorder and count_by_sql are now recognized as SQL executions.
• Calls to ActiveRecord::Connection#execute, including those via subclasses, are now recognized as SQL executions.
• Data flow through ActionController::Parameters#require is now tracked properly.
• The severity of parse errors was reduced to warning (previously error).
• Deleted the deprecated getQualifiedName predicate from the ConstantWriteAccess class.
• Deleted the deprecated getWhenBranch and getAWhenBranch predicates from the CaseExpr class.
• Deleted the deprecated Self, PatternParameter, Pattern, VariablePattern, TuplePattern, and TuplePatternParameter classes.