codeql/python/old-change-notes/2021-03-22-django-queryset-chains.md

lgtm,codescanning

• Improved modeling of django to recognize QuerySet chains such as User.objects.using("db-name").exclude(username="admin").extra("some sql"). This can lead to new results for py/sql-injection.