hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Release preparation for version 2.11.2

Browse Source
This commit is contained in:
github-actions[bot]
2022-10-20 11:05:19 +00:00
parent e868cdf91b
commit 9a0848bbc4
103 changed files with 287 additions and 160 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
python/ql/src/change-notes/released/0.5.2.md Normal file
View File

@@ -0,0 +1,12 @@
## 0.5.2
### Minor Analysis Improvements
* Added model of `cx_Oracle`, `oracledb`, `phonenixdb` and `pyodbc` PyPI packages as a SQL interface following PEP249, resulting in additional sinks for `py/sql-injection`.
* Added model of `executemany` calls on PEP-249 compliant database APIs, resulting in additional sinks for `py/sql-injection`.
* Added model of `pymssql` PyPI package as a SQL interface following PEP249, resulting in additional sinks for `py/sql-injection`.
* The alert message of many queries have been changed to better follow the style guide and make the message consistent with other languages.
### Bug Fixes
* Fixed how `flask.request` is modeled as a RemoteFlowSource, such that we show fewer duplicated alert messages for Code Scanning alerts. The import, such as `from flask import request`, will now be shown as the first step in a path explanation.