hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 08:37:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix British spelling: recognised -> recognized

Browse Source
This commit is contained in:
copilot-swe-agent[bot]
2026-05-21 23:24:40 +00:00
committed by GitHub
parent 0ea1b8596e
commit de9deef52b
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/ql/lib/semmle/python/frameworks/PEP249.qll
View File

@@ -232,13 +232,13 @@ module PEP249 {
* A read of a connection-holding attribute within a method of a class whose
* `__init__` stores a PEP 249 connection in that attribute.
*
* This recognises patterns such as:
* This recognizes patterns such as:
* ```python
* class Wrapper:
* def __init__(self):
* self._conn = dbapi.connect(...)
* def get_connection(self):
* return self._conn # <-- recognised as a connection source
* return self._conn # <-- recognized as a connection source
* ```
* Because the `AttrRead` node for `self._conn` inside `get_connection` is
* also the `ExtractedReturnNode` for that statement, the existing TypeTracker
@@ -262,13 +262,13 @@ module PEP249 {
* An attribute access on a constructor-call result that directly reads the
* connection-holding attribute.
*
* This recognises patterns such as:
* This recognizes patterns such as:
* ```python
* class Wrapper:
* def __init__(self):
* self._conn = dbapi.connect(...)
*
* conn = Wrapper()._conn # <-- recognised as a connection source
* conn = Wrapper()._conn # <-- recognized as a connection source
* ```
*/
private class ConnectionConstructorAttributeRead extends InstanceSource, DataFlow::AttrRead {

2
python/ql/src/change-notes/2026-05-21-pep249-class-wrapper-connections.md
View File

@@ -1,4 +1,4 @@
---
category: minorAnalysis
---
* Improved detection of SQL injection and other PEP 249 database-related vulnerabilities when a database connection is stored in a class instance attribute and accessed through a getter method or direct attribute read. For example, patterns like `self._conn = dbapi.connect(...)` in `__init__` followed by `return self._conn` in a getter method, or `MyClass()._conn`, are now correctly recognised as PEP 249 connection sources.
* Improved detection of SQL injection and other PEP 249 database-related vulnerabilities when a database connection is stored in a class instance attribute and accessed through a getter method or direct attribute read. For example, patterns like `self._conn = dbapi.connect(...)` in `__init__` followed by `return self._conn` in a getter method, or `MyClass()._conn`, are now correctly recognized as PEP 249 connection sources.