hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
6484ee106e483eb3d2a0040bac9e17ef089756ab
codeql/python/ql/lib/change-notes/released/0.10.0.md
github-actions[bot] 6484ee106e Release preparation for version 2.14.0
2023-07-07 08:22:14 +00:00

1.3 KiB
Raw Blame History

0.10.0

New Features

  • It is now possible to specify flow summaries in the format "MyPkg;Member[list_map];Argument[1].ListElement;Argument[0].Parameter[0];value"

Minor Analysis Improvements

  • Deleted many models that used the old dataflow library, the new models can be found in the python/ql/lib/semmle/python/frameworks folder.
  • More precise modelling of several container functions (such as sorted, reversed) and methods (such as set.add, list.append).
  • Added modeling of taint flow through the template argument of flask.render_template_string and flask.stream_template_string.
  • Deleted many deprecated predicates and classes with uppercase API, HTTP, XSS, SQL, etc. in their names. Use the PascalCased versions instead.
  • Deleted the deprecated getName() predicate from the Container class, use getAbsolutePath() instead.
  • Deleted many deprecated module names that started with a lowercase letter, use the versions that start with an uppercase letter instead.
  • Deleted many deprecated predicates in PointsTo.qll.
  • Deleted many deprecated files from the semmle.python.security package.
  • Deleted the deprecated BottleRoutePointToExtension class from Extensions.qll.
  • Type tracking is now aware of flow summaries. This leads to a richer API graph, and may lead to more results in some queries.