Merge pull request #1817 from taus-semmle/python-change-notes-1.22

Approved by felicity-semmle

change-notes/1.22/analysis-python.md

@@ -6,9 +6,29 @@
 ### Points-to
 Tracking of "unknown" values from modules that are absent from the database has been improved. Particularly when an "unknown" value is used as a decorator, the decorated function is tracked.
 
+### Loop unrolling
+The extractor now unrolls a single iteration of loops that are known to run at least once. This improves analysis in cases like the following
 
-### Impact on existing queries.
+```python
+if seq:
+    for x in seq:
+        y = x
+    y  # y is defined here
+```
 
+### Better API for function parameter annotations
+Instances of the `Parameter` and `ParameterDefinition` class now have a `getAnnotation` method that returns the corresponding parameter annotation, if one exists.
+
+### Improvements to the Value API
+- The Value API has been extended with classes representing functions, classes, tuples, and other types.
+
+- `Value::forInt(int x)` and `Value::forString(string s)` have been added to make it easier to refer to the `Value` entities for common constants.
+
+### Other improvements
+
+- Short flags for regexes (for example, `re.M` for multiline regexes) are now handled correctly.
+- Modules with multiple import roots no longer get multiple names.
+- A new `NegativeIntegerLiteral` class has been added as a subtype of `ImmutableLiteral`, so that `-1` is treated as an `ImmutableLiteral`. This means that queries looking for the use of constant integers will automatically handle negative numbers.
 
 ## New queries