codeql/change-notes/1.20/analysis-python.md

# Improvements to Python analysis


 ## General improvements

 > Changes that affect alerts in many files or from many queries
> For example, changes to file classification
 ## New queries

 | **Query**                   | **Tags**  | **Purpose**                                                        |
|-----------------------------|-----------|--------------------------------------------------------------------|
| Default version of SSL/TLS may be insecure (`py/insecure-default-protocol`) | security, external/cwe/cwe-327 | Finds instances where an insecure default protocol may be used. Results are shown on LGTM by default. |
| Use of insecure SSL/TLS version (`py/insecure-protocol`) | security, external/cwe/cwe-327 | Finds instances where a known insecure protocol has been specified. Results are shown on LGTM by default. |

 ## Changes to existing queries

 | **Query**                  | **Expected impact**    | **Change**                                                       |
|----------------------------|------------------------|------------------------------------------------------------------|
| Unused import (`py/unused-import`) | Fewer false positive results | Results where the imported module is used in a doctest string are no longer reported |

 ## Changes to code extraction

 * *Series of bullet points*

 ## Changes to QL libraries

 * *Series of bullet points*
Add change note for 1.20 2019-01-07 17:35:19 +03:00			`# Improvements to Python analysis`


			`## General improvements`

			`> Changes that affect alerts in many files or from many queries`
			`> For example, changes to file classification`
			`## New queries`

			`\| Query \| Tags \| Purpose \|`
			`\|-----------------------------\|-----------\|--------------------------------------------------------------------\|`
Add descriptions and remove leftovers from old change note. 2019-01-09 18:23:02 +03:00			\| Default version of SSL/TLS may be insecure (`py/insecure-default-protocol`) \| security, external/cwe/cwe-327 \| Finds instances where an insecure default protocol may be used. Results are shown on LGTM by default. \|
			\| Use of insecure SSL/TLS version (`py/insecure-protocol`) \| security, external/cwe/cwe-327 \| Finds instances where a known insecure protocol has been specified. Results are shown on LGTM by default. \|
Add change note for 1.20 2019-01-07 17:35:19 +03:00
			`## Changes to existing queries`

			`\| Query \| Expected impact \| Change \|`
			`\|----------------------------\|------------------------\|------------------------------------------------------------------\|`
Python: Fix 'unused import' to no longer give alerts for imported modules used in doctests. 2019-01-18 14:08:53 +03:00			\| Unused import (`py/unused-import`) \| Fewer false positive results \| Results where the imported module is used in a doctest string are no longer reported \|
Add change note for 1.20 2019-01-07 17:35:19 +03:00
			`## Changes to code extraction`

			`* Series of bullet points`

			`## Changes to QL libraries`

			`* Series of bullet points`