From e2874ac252a8e74fc9531986a3c03cdbcaf1833e Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Fri, 8 May 2026 14:05:55 +0100
Subject: [PATCH] Python: Clarify that deserialization following a schema is
safe
---
.../ql/src/Security/CWE-502/UnsafeDeserialization.qhelp | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp b/python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
index 2c5afee586b..1c1535857fc 100644
--- a/python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
+++ b/python/ql/src/Security/CWE-502/UnsafeDeserialization.qhelp
@@ -16,6 +16,14 @@ may have unforeseen effects, such as the execution of arbitrary code.
There are many different serialization frameworks. This query currently
supports Pickle, Marshal and Yaml.
+
+Note that a deserialization method is only dangerous if it can instantiate
+arbitrary classes. Serialization frameworks that use a schema to instantiate
+only expected, predefined types are generally not tracked by this query. Such
+frameworks are generally safe with respect to arbitrary-class-instantiation and
+gadget-chain attacks when the schema is trusted and does not permit
+user-controlled type resolution.
+
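Review bot: The first added sentence, "a deserialization method is only dangerous if it can instantiate arbitrary classes", is more absolute than the rest of the paragraph and conflicts with the context line just above it that lists Marshal as supported. marshal only reconstructs built-in types (code objects included) and is still documented as unsafe for untrusted input, so "only dangerous if" excludes a case the query itself covers. Consider scoping the sentence to the query, for example "This query focuses on deserialization methods that can instantiate arbitrary classes or otherwise run attacker-supplied code", which also lines up with the later "with respect to arbitrary-class-instantiation and gadget-chain attacks" qualifier. Two smaller points: "generally" appears in two consecutive sentences ("generally not tracked", "generally safe"), and the first could be dropped if the query in fact never tracks such frameworks; and the subject line says "is safe" while the added text says "generally safe ... when the schema is trusted", so the subject would be better aligned with the qualified wording.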