hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Allow import of refined variable

Browse Source 
However, as illustrated by the `CWE-327-InsecureProtocol` test, this fix
is NOT good enough, since now even the `secure_context` is considered to
be insecure (for both versions). Ouch.

Will fix this in a later commit, since it was only discoverd late on.
This commit is contained in:
Rasmus Wriedt Larsen
2023-02-17 15:52:53 +01:00
parent fb425b73fc
commit 00eec6986c
4 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/lib/change-notes/2023-02-17-import-refined-variable.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Fixed module resolution so we allow imports of definitions that have had an attribute assigned to it, such as `class Foo; Foo.bar = 42`.