mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
## 0.10.0
### New Features
* It is now possible to specify flow summaries in the format `MyPkg;Member[list_map];Argument[1].ListElement;Argument[0].Parameter[0];value`.
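
The row above reads as five `;`-separated columns: elements of the list passed as argument 1 of `MyPkg.list_map` flow, value-preserving, into parameter 0 of the callback passed as argument 0. The following is an added example, not code from the CodeQL repository: a small checker for such rows that a reviewer could run over a model file before shipping it. The column names, the helper names, and the restriction of the last column to `value`/`taint` are assumptions of this example.

```python
import re
from typing import NamedTuple

class FlowSummary(NamedTuple):
    # Field names are this example's labels for the five columns.
    type: str
    path: list
    input: list
    output: list
    kind: str

# One access-path token: a name with an optional [argument], e.g. Argument[1].
_TOKEN = re.compile(r"^([A-Za-z_]\w*)(?:\[([^\[\]]*)\])?$")

def parse_access_path(text):
    """'Argument[1].ListElement' -> [('Argument', '1'), ('ListElement', None)]"""
    tokens = []
    # Split on dots that are outside brackets, so Member[a.b] stays one token.
    for part in re.split(r"\.(?![^\[]*\])", text):
        m = _TOKEN.match(part)
        if m is None:
            raise ValueError(f"malformed access path token: {part!r}")
        tokens.append((m.group(1), m.group(2)))
    return tokens

def parse_summary_row(row):
    cols = [c.strip() for c in row.split(";")]
    if len(cols) != 5:
        raise ValueError(f"expected 5 columns, got {len(cols)}")
    pkg, path, inp, out, kind = cols
    if kind not in ("value", "taint"):  # assumption: only these kinds accepted here
        raise ValueError(f"unknown kind: {kind!r}")
    return FlowSummary(pkg, parse_access_path(path),
                       parse_access_path(inp), parse_access_path(out), kind)

def lint_rows(rows):
    """Return (row, error message) for every row that fails to parse."""
    problems = []
    for row in rows:
        try:
            parse_summary_row(row)
        except ValueError as exc:
            problems.append((row, str(exc)))
    return problems

# The row from the changelog entry above.
ROW = "MyPkg;Member[list_map];Argument[1].ListElement;Argument[0].Parameter[0];value"
```
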
### Minor Analysis Improvements
* Deleted many models that used the old dataflow library. The new models can be found in the `python/ql/lib/semmle/python/frameworks` folder.
* More precise modeling of several container functions (such as `sorted`, `reversed`) and methods (such as `set.add`, `list.append`).
* Added modeling of taint flow through the template argument of `flask.render_template_string` and `flask.stream_template_string`.
* Deleted many deprecated predicates and classes with uppercase `API`, `HTTP`, `XSS`, `SQL`, etc. in their names. Use the PascalCased versions instead.
* Deleted the deprecated `getName()` predicate from the `Container` class; use `getAbsolutePath()` instead.
* Deleted many deprecated module names that started with a lowercase letter; use the versions that start with an uppercase letter instead.
* Deleted many deprecated predicates in `PointsTo.qll`.
* Deleted many deprecated files from the `semmle.python.security` package.
* Deleted the deprecated `BottleRoutePointToExtension` class from `Extensions.qll`.
* Type tracking is now aware of flow summaries. This leads to a richer API graph, and may lead to more results in some queries.