mirror of
https://github.com/github/codeql.git
synced 2026-05-01 11:45:14 +02:00
Update python/change-notes/2021-02-23-port-insecure-default-protocol.md
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
@@ -1,2 +1,2 @@
|
||||
lgtm,codescanning
|
||||
* Changed the query that detects insecure protocol creation from default values (`py/insecure-default-protocol`) to use the new API graphs. Modern versions of Python include fluent APIs that change default values after construction, so the query now reports results only in versions of Python where fluent APIs are not available.
|
||||
* Changed the query that detects insecure SSL/TLS protocol creation from default values (`py/insecure-default-protocol`) to use the new API graphs. Python 3.4 introduced new ways to specify protocol version (through modifying the `options` field), which means that using the default value _can_ be secure (and if the usage is not secure, this should be reported by the `py/insecure-protocol` query). This query now only reports results only in versions of Python prior to 3.4.
|
||||
|
||||
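Review bot: The last sentence of the added line repeats "only" ("This query now only reports results only in versions of Python prior to 3.4."); drop the first one so it reads "This query now reports results only in versions of Python prior to 3.4." In the same line, "new ways to specify protocol version" is missing an article and reads better as "new ways to specify the protocol version".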