codeql/0.3.0.md at main - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00

Files

Mathias Vorreiter Pedersen 103c589c1d Update python/ql/lib/change-notes/released/0.3.0.md

2022-05-12 11:47:19 +01:00

649 B

Raw Permalink Blame History

0.3.0

Breaking Changes

The imports made available from import python are no longer exposed under DataFlow:: after doing import semmle.python.dataflow.new.DataFlow, for example using DataFlow::Add will now cause a compile error.

Minor Analysis Improvements

The modeling of request.files in Flask has been fixed, so we now properly handle assignments to local variables (such as files = request.files; files['key'].filename).
Added taint propagation for io.StringIO and io.BytesIO. This addition was originally submitted as part of an experimental query by @jorgectf.