Skip to content

Latest commit

 

History

History
21 lines (13 loc) · 949 Bytes

0.1.0.md

File metadata and controls

21 lines (13 loc) · 949 Bytes

0.1.0

Breaking Changes

  • The recently added flow-state versions of isBarrierIn, isBarrierOut, isSanitizerIn, and isSanitizerOut in the data flow and taint tracking libraries have been removed.

Deprecated APIs

  • Queries importing a data-flow configuration from semmle.python.security.dataflow should ensure that the imported file ends with Query, and only import its top-level module. For example, a query that used CommandInjection::Configuration from semmle.python.security.dataflow.CommandInjection should from now use Configuration from semmle.python.security.dataflow.CommandInjectionQuery instead.

Major Analysis Improvements

  • Added data-flow for Django ORM models that are saved in a database (no models.ForeignKey support).

Minor Analysis Improvements

  • Improved modeling of Flask Response objects, so passing a response body with the keyword argument response is now recognized.