hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
a851ef61bbdae891ca10b72fc1b9f6465753493a
codeql/python/ql/lib/CHANGELOG.md
github-actions[bot] a851ef61bb Release preparation for version 2.7.5
2021-12-11 13:20:22 +00:00

916 B
Raw Blame History

0.0.5

0.0.4

Major Analysis Improvements

  • Added modeling of os.stat, os.lstat, os.statvfs, os.fstat, and os.fstatvfs, which are new sinks for the Uncontrolled data used in path expression (py/path-injection) query.
  • Added modeling of the posixpath, ntpath, and genericpath modules for path operations (although these are not supposed to be used), resulting in new sinks for the Uncontrolled data used in path expression (py/path-injection) query.
  • Added modeling of wsgiref.simple_server applications, leading to new remote flow sources.
  • Added modeling of aiopg for sinks executing SQL.
  • Added modeling of HTTP requests and responses when using flask_admin (Flask-Admin PyPI package), which leads to additional remote flow sources.
  • Added modeling of the PyPI package toml, which provides encoding/decoding of TOML documents, leading to new taint-tracking steps.