codeql/python/change-notes/2021-11-26-tempfile-file-access.md
2021-11-29 15:08:36 +01:00

lgtm,codescanning

  • Added modeling of the tempfile module for creating temporary files and directories, such as the functions tempfile.NamedTemporaryFile and tempfile.TemporaryDirectory. The suffix, prefix, and dir arguments are all vulnerable to path-injection, and these are new sinks for the Uncontrolled data used in path expression (py/path-injection) query.
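A sketch of how calling code can validate the three arguments before they reach `tempfile`. This is an added example, not code from the CodeQL repository; `safe_named_tempfile`, `UnsafeTempArgument`, the `subdir` parameter and the allowed character set are assumptions made for illustration.

```python
import os
import re
import tempfile

# Assumed policy for this example: short names from a conservative character set.
_NAME_PART = re.compile(r"[A-Za-z0-9._-]{0,32}")


class UnsafeTempArgument(ValueError):
    """A tempfile argument could move the created path outside the base."""


def _check_name_part(label, value):
    # prefix and suffix become part of the file name, so a path separator
    # inside either one changes the directory the file is created in.
    if not isinstance(value, str) or not _NAME_PART.fullmatch(value):
        raise UnsafeTempArgument(f"{label} contains disallowed characters")


def safe_named_tempfile(base_dir, subdir="", prefix="tmp", suffix=""):
    """Create a NamedTemporaryFile under base_dir after validating all inputs."""
    _check_name_part("prefix", prefix)
    _check_name_part("suffix", suffix)
    base = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks before the containment check.
    target = os.path.realpath(os.path.join(base, subdir))
    if os.path.commonpath([base, target]) != base:
        raise UnsafeTempArgument("dir resolves outside the base directory")
    os.makedirs(target, exist_ok=True)
    return tempfile.NamedTemporaryFile(dir=target, prefix=prefix, suffix=suffix)


if __name__ == "__main__":
    # Constructed inputs standing in for request parameters.
    with tempfile.TemporaryDirectory() as base:
        with safe_named_tempfile(base, "uploads", "report-", ".txt") as f:
            print("created", f.name)
        for kwargs in ({"prefix": "../x"}, {"suffix": "/../y"}, {"subdir": "../.."}):
            try:
                safe_named_tempfile(base, **kwargs)
            except UnsafeTempArgument as exc:
                print("rejected", kwargs, "->", exc)
```

Passing request data straight to `tempfile.NamedTemporaryFile(prefix=...)` or `tempfile.TemporaryDirectory(dir=...)` without checks like these is the pattern the new sinks report.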