From c3ef1ddd64a2616fba1624132de647c65a00169b Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan <owen-mc@github.com>
Date: Tue, 2 Jun 2026 16:14:15 +0100
Subject: [PATCH] Add MaD models for lxml and xml etree.fromstringlist

---
 python/ql/lib/semmle/python/frameworks/lxml.model.yml | 6 ++++++
 python/ql/lib/semmle/python/frameworks/xml.model.yml  | 6 ++++++
 2 files changed, 12 insertions(+)
 create mode 100644 python/ql/lib/semmle/python/frameworks/lxml.model.yml
 create mode 100644 python/ql/lib/semmle/python/frameworks/xml.model.yml

diff --git a/python/ql/lib/semmle/python/frameworks/lxml.model.yml b/python/ql/lib/semmle/python/frameworks/lxml.model.yml
new file mode 100644
index 00000000000..77e69758ae8
--- /dev/null
+++ b/python/ql/lib/semmle/python/frameworks/lxml.model.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/python-all
+      extensible: summaryModel
+    data:
+      - ['lxml', 'Member[etree].Member[fromstringlist]', 'Argument[0,strings:].ListElement', 'ReturnValue', 'taint']
diff --git a/python/ql/lib/semmle/python/frameworks/xml.model.yml b/python/ql/lib/semmle/python/frameworks/xml.model.yml
new file mode 100644
index 00000000000..96ea8480f93
--- /dev/null
+++ b/python/ql/lib/semmle/python/frameworks/xml.model.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/python-all
+      extensible: summaryModel
+    data:
+      - ['xml', 'Member[etree].Member[fromstringlist]', 'Argument[0,strings:].ListElement', 'ReturnValue', 'taint']