CodeQL code scanning now recognizes more Python libraries and frameworks

We’ve improved the depth of CodeQL's Python analysis by adding support for more libraries and frameworks, including:

  • FastAPI
  • aiomysql
  • aiopg
  • asyncpg
  • Django REST framework
  • The os.path module
  • Flask-Admin
  • toml
  • ruamel.yaml
  • SQLAlchemy

As a result, CodeQL can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks in which this data could end up. This results in an overall improvement of the quality of the code scanning alerts.

We carefully choose and prioritize the libraries and frameworks supported by CodeQL based on their popularity and through user feedback. These improvements are now available to users of CodeQL code scanning on GitHub.com, and will also be available in the next release of GitHub Enterprise Server (3.4).