mirror of
https://github.com/github/codeql.git
synced 2025-12-16 08:43:11 +01:00
Now that change notes are per-package, new change notes should be created in the `change-notes` folder under the affected pack (e.g., `cpp/ql/src/change-notes` for C++ query change notes). I've moved all of the change note files that were added before we started publishing them in packs to an `old-change-notes` directory under each language, to reduce the temptation to add new change notes there. I'm working on a document to describe how and when to create change notes for packs separately.
465 B
lgtm,codescanning
- Updated the query that detects insecure SSL/TLS protocol creation from default values (`py/insecure-default-protocol`) to use the new API graphs. The query also no longer reports use of the default value for constructing `ssl.SSLContext`, since that can still be secure, either through manipulation of the `options` field or the `minimum_version` field. If the usage is not secure, this should be reported by the `py/insecure-protocol` query.
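
Why default construction alone is not a finding, as an added example (not code from the CodeQL repository): three contexts all built with the no-argument `ssl.SSLContext()` constructor, where only the later `minimum_version` or `options` settings decide whether pre-TLS 1.2 versions stay allowed. The helper names `legacy_versions_allowed`, `default_context` and `build_contexts` are hypothetical.

```python
import ssl
import warnings

# Pre-TLS 1.2 versions and the options bit that masks each one.
LEGACY = {
    ssl.TLSVersion.SSLv3: ssl.OP_NO_SSLv3,
    ssl.TLSVersion.TLSv1: ssl.OP_NO_TLSv1,
    ssl.TLSVersion.TLSv1_1: ssl.OP_NO_TLSv1_1,
}


def legacy_versions_allowed(ctx):
    """Names of pre-TLS 1.2 versions that ctx's settings still permit."""
    return [
        version.name
        for version, no_flag in LEGACY.items()
        # MINIMUM_SUPPORTED is negative, so it compares below every real version.
        if ctx.minimum_version <= version and not ctx.options & no_flag
    ]


def default_context():
    """ssl.SSLContext() with no protocol argument, reset to a permissive
    baseline so the result does not depend on interpreter or OpenSSL defaults."""
    ctx = ssl.SSLContext()
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.options &= ~(ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1)
    return ctx


def build_contexts():
    with warnings.catch_warnings():
        # Newer Pythons deprecate the no-argument constructor and OP_NO_* flags.
        warnings.simplefilter("ignore", DeprecationWarning)
        permissive = default_context()
        by_min_version = default_context()
        by_min_version.minimum_version = ssl.TLSVersion.TLSv1_2
        by_options = default_context()
        by_options.options |= ssl.OP_NO_SSLv3 | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
    return {"permissive": permissive,
            "minimum_version": by_min_version,
            "options": by_options}


if __name__ == "__main__":
    for name, ctx in build_contexts().items():
        print(name, legacy_versions_allowed(ctx) or "TLS 1.2+ only")
```
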