codeql/python/change-notes
yoff 8e11c2c476
Merge pull request #7259 from RasmusWL/even-more-path-injection-sinks
Python: Add more path-injection sinks from `os` and `tempfile` modules
2021-12-09 14:46:41 +01:00
..
2020-11-25-better-open-models.md
2020-12-03-model-realpath-abspath.md Python: Model abspath and realpath (for Path Injection) 2020-12-03 13:41:54 +01:00
2020-12-04-django-class-based-view-handlers.md Python: Add modeling of django class based view handlers 2020-12-04 14:03:59 +01:00
2020-12-08-stdlib-http-source-modeling.md Python: Add change-note 2020-12-08 14:04:46 +01:00
2020-12-09-add-sqlite3-model.md Python: Model sqlite3 as SQL interface 2020-12-09 11:36:18 +01:00
2020-12-14-add-PyMySQL-model.md Python: Add modeling of PyMySQL 2020-12-14 10:56:47 +01:00
2020-12-21-django-with-unknown-route.md Python: Model django request handlers without known route 2020-12-21 18:02:22 +01:00
2020-12-22-tornado-source-modeling.md Python: Add change-note for tornado source modeling 2021-01-14 13:37:27 +01:00
2021-01-12-flask-class-based-view-handlers.md Python: Add change-note for Flask class based view handlers 2021-01-19 15:09:04 +01:00
2021-01-19-port-url-redirect-query.md Python: Simple port of URL redirect query 2021-01-20 11:35:44 +01:00
2021-02-02-port-weak-crypto-key-query.md Python: Apply suggestions from code review 2021-02-23 15:24:52 +01:00
2021-02-03-flask-add-blueprint-modeling.md Python: Model flask blueprints 2021-02-16 15:26:51 +01:00
2021-02-04-api-graphs.md Python: Add change note 2021-02-04 18:43:44 +01:00
2021-02-10-django-improvements.md Python: Fix date for change-note 2021-02-12 10:26:31 +01:00
2021-02-10-yaml-more-loading-functions.md Python: Apply suggestions from code review 2021-02-23 15:19:29 +01:00
2021-02-12-django-get_redirect_url.md Python: Model get_redirect_url in django 2021-02-15 10:55:52 +01:00
2021-02-18-type-backtrackers.md Python: Add change note 2021-02-18 15:59:34 +01:00
2021-02-23-port-bind-to-all-interfaces.md Python: Port bind-to-all-interfaces to type-tracking 2021-02-23 16:01:24 +01:00
2021-02-23-port-insecure-default-protocol.md Update python/change-notes/2021-02-23-port-insecure-default-protocol.md 2021-03-09 13:19:48 +01:00
2021-02-24-port-flask-debug.md Python: Port py/flask-debug 2021-02-24 11:37:25 +01:00
2021-02-25-port-stactrace-exposure-query.md Update python/change-notes/2021-02-25-port-stactrace-exposure-query.md 2021-03-02 22:23:29 +01:00
2021-03-01-fluent-interface-data-flow.md Add change notes 2021-03-01 16:59:20 +00:00
2021-03-11-api-graph-builtins.md Python: Support builtins in API graphs 2021-03-11 23:03:18 +01:00
2021-03-12-small-api-enhancements.md Python: Remove `getALocalTaintSource` 2021-03-24 01:22:21 +01:00
2021-03-15-port-insecure-protocol.md Python: Add changenote 2021-03-15 17:35:30 +01:00
2021-03-18-yaml-handle-C-based-loaders.md Python: Model C-based loaders for PyYAML 2021-03-18 11:55:01 +01:00
2021-03-22-django-queryset-chains.md Python: Model QuerySet chains in django 2021-03-22 14:38:54 +01:00
2021-03-22-getacall-callcfgnode.md Python: Make `API::Node::getACall` return a `CallCfgNode` 2021-03-22 16:37:24 +01:00
2021-03-23-django-forms-fields-classes.md Python: Model django forms/fields 2021-03-23 13:57:38 +01:00
2021-03-25-remove-legacy.md Python: Add change note 2021-03-25 15:34:09 +01:00
2021-04-09-split-weak-crypto-query.md Python: Add change-note for new weak crypto queries 2021-04-22 15:23:42 +02:00
2021-04-13-pep249-api-graphs.md Python: Use American English in change note 2021-04-13 15:05:44 +02:00
2021-04-13-werkzeug-api-graphs.md Python: Add change note 2021-04-13 16:04:07 +00:00
2021-04-15-pathlib-Paths.md Python: add changenote 2021-04-15 10:14:35 +02:00
2021-04-20-stepsummary-localsourcenode.md Python: Move `track`/`backtrack` to `LocalSourceNode` 2021-04-20 14:39:56 +00:00
2021-04-21-django-v3.2.md Python: Add change-note for Django 3.2 support 2021-04-21 13:58:34 +02:00
2021-05-10-idna-add-modeling.md Python: Add modeling of idna PyPI package 2021-05-10 11:47:11 +02:00
2021-05-10-simplejson-add-modeling.md Python: Add modeling of simplejson PyPI package 2021-05-10 15:10:27 +02:00
2021-05-10-ujson-add-modeling.md Python: Add modeling of ujson PyPI package 2021-05-10 15:10:31 +02:00
2021-05-21-api-graph-await.md Python: Add `getAwaited` to API::Node 2021-05-21 17:11:20 +02:00
2021-05-25-add-ClickHouse-sql-libs.md Python: Promote ClickHouse SQL models 2021-05-25 16:27:23 +02:00
2021-06-03-aiohttp-webserver-modeling.md Python: Fix wording of change-note 2021-06-08 16:19:25 +02:00
2021-06-04-sensitive-data-modeling-expanded.md Python: Add change-note 2021-06-04 15:27:36 +02:00
2021-06-08-twisted-add-modeling.md Python: Add change-note for twisted 2021-06-08 16:20:29 +02:00
2021-06-09-add-jmespath-modeling.md Python: Add modeling of jmespath 2021-06-09 12:14:35 +02:00
2021-06-09-rsa-add-modeling.md Python: Model `rsa` 2021-06-11 11:23:06 +02:00
2021-06-15-add-method-call-conveniences.md Python: Add change note 2021-06-15 15:13:03 +00:00
2021-06-16-MarkupSafe-add-modeling.md Python: Add change-note 2021-06-16 20:09:05 +02:00
2021-06-24-add-CookieWrite-concept.md Python: Add change-note for `CookieWrite` 2021-06-24 17:34:43 +02:00
2021-06-24-dataflow-implicit-reads.md C++/C#/Java/Python: Add change notes. 2021-06-24 14:29:34 +02:00
2021-06-25-add-peewee-modeling.md Python: Add modeling of `peewee` 2021-06-25 17:50:59 +02:00
2021-07-12-add-typetrackingnode.md Python: Update change note 2021-07-22 13:11:29 +00:00
2021-07-13-path-problem-customization.md Python: Add change-note 2021-07-13 14:39:44 +02:00
2021-07-16-deprecate-importnode.md Python: Deprecate `importNode` 2021-07-16 11:38:30 +00:00
2021-07-28-port-RoDoS-queries.md Python: Update change note 2021-07-22 11:10:08 +00:00
2021-08-26-bad-tag-filter.md add a bad-tag-filter query for Python and JavaScript 2021-09-21 15:04:03 +02:00
2021-08-30-port-modifying-default-query.md Python: Add change note 2021-08-30 11:27:55 +02:00
2021-09-02-add-Flask-SQLAlchemy-modeling.md Python: Add modeling of `Flask-SQLAlchemy` 2021-09-02 10:48:24 +02:00
2021-09-02-add-SQLAlchemy-modeling.md Python: Promote `SQLAlchemy` modeling 2021-09-02 10:19:57 +02:00
2021-09-02-add-SQLAlchemyTextClauseInjection.md Python: Merge SQLAlchemy TextClause injection into `py/sql-injection` 2021-09-21 20:21:42 +02:00
2021-09-08-add-flow-from-default-values.md Python: Reclassify `defaultValueFlowStep` 2021-09-08 10:05:31 +02:00
2021-09-14-promote-regex-injection.md Python: update change note 2021-10-12 19:27:27 +02:00
2021-09-29-model-asyncpg.md Python: update change note 2021-10-28 14:53:46 +02:00
2021-10-08-add-dataflow-for-boolean-expressions.md Python: Apply suggestions from code review 2021-10-11 09:34:15 +02:00
2021-10-08-improve-pickle-dill-shelve-modeling.md Python: Add change-note 2021-10-08 12:06:18 +02:00
2021-10-11-model-aiomysql.md Python: model aiomysql 2021-11-10 14:29:39 +01:00
2021-10-20-extraction-errors-as-warnings.md Python: Add change-note 2021-10-20 17:03:55 +02:00
2021-10-25-add-FastAPI-modeling.md Python: Fix date for FastAPI change-note 2021-10-25 15:23:33 +02:00
2021-10-26-ruamel.yaml-modeling.md Python: Add modeling of `ruamel.yaml` PyPI package 2021-10-26 17:48:10 +02:00
2021-10-28-flask-send_file.md Python: Add change-note 2021-10-28 13:45:34 +02:00
2021-10-28-promote-ReDoS-queries.md Python: add changenote 2021-10-28 14:48:48 +02:00
2021-10-29-django-REST-framework-modeling.md Python: Add change-note 2021-11-02 10:55:44 +01:00
2021-11-02-flask_admin.md Python: Model `flask_admin` 2021-11-02 15:43:13 +01:00
2021-11-02-toml.md Python: Add `toml` modeling 2021-11-02 11:57:15 +01:00
2021-11-09-model-aiopg.md Python: add changenote 2021-11-09 12:57:36 +01:00
2021-11-12-fix-pyhton-query-ids.md Python: Add change-note 2021-11-12 14:27:01 +01:00
2021-11-15-model-wsgiref-simple-server-app.md Python: Model `wsgiref.simple_server` applications 2021-11-15 13:34:39 +01:00
2021-11-16-posixpath.md Python: Model `posixpath`, `ntpath`, and `genericpath` modules 2021-11-16 10:45:14 +01:00
2021-11-24-FastAPI-Custom-APIRouter-Subclass.md Python: Allow custom `fastapi.APIRouter` subclasses 2021-11-24 13:46:38 +01:00
2021-11-24-FastAPI-FileResponse-FileSystemAccess copy.md Python: Model FastAPI `FileResponse` as `FileSystemAccess` 2021-11-24 11:44:51 +01:00
2021-11-26-os-file-access.md Python: Refactor `os` FileSystemAccess change-note 2021-11-29 15:08:18 +01:00
2021-11-26-tempfile-file-access.md Python: Add modeling of `tempfile` module 2021-11-29 15:08:36 +01:00