codeql/python/ql/lib/change-notes/released/0.9.0.md

0.9.0

Deprecated APIs

• The recently introduced new data flow and taint tracking APIs have had a number of module and predicate renamings. The old APIs remain in place for now.

Minor Analysis Improvements

• Added modeling of SQL execution in the packages sqlite3.dbapi2, cassandra-driver, aiosqlite, and the functions sqlite3.Connection.executescript/sqlite3.Cursor.executescript and asyncpg.connection.connect().
• Fixed module resolution so we allow imports of definitions that have had an attribute assigned to it, such as class Foo; Foo.bar = 42.

Bug Fixes

• Fixed some accidental predicate visibility in the backwards-compatible wrapper for data flow configurations. In particular, DataFlow::hasFlowPath, DataFlow::hasFlow, DataFlow::hasFlowTo, and DataFlow::hasFlowToExpr were accidentally exposed in a single version.