mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
22 lines
949 B
Markdown
22 lines
949 B
Markdown
## 0.1.0
|
|
|
|
### Breaking Changes
|
|
|
|
* The recently added flow-state versions of `isBarrierIn`, `isBarrierOut`, `isSanitizerIn`, and `isSanitizerOut` in the data flow and taint tracking libraries have been removed.
|
|
|
|
### Deprecated APIs
|
|
|
|
* Queries importing a data-flow configuration from `semmle.python.security.dataflow`
|
|
should ensure that the imported file ends with `Query`, and only import its top-level
|
|
module. For example, a query that used `CommandInjection::Configuration` from
|
|
`semmle.python.security.dataflow.CommandInjection` should from now use `Configuration`
|
|
from `semmle.python.security.dataflow.CommandInjectionQuery` instead.
|
|
|
|
### Major Analysis Improvements
|
|
|
|
* Added data-flow for Django ORM models that are saved in a database (no `models.ForeignKey` support).
|
|
|
|
### Minor Analysis Improvements
|
|
|
|
* Improved modeling of Flask `Response` objects, so passing a response body with the keyword argument `response` is now recognized.
|