Skip to content

Python: Add precision to NoSQL query #15720

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
yoff merged 2 commits into from
Mar 4, 2024
Merged

Python: Add precision to NoSQL query #15720

yoff merged 2 commits into from
Mar 4, 2024

Conversation

@RasmusWL
Copy link
Member

@RasmusWL RasmusWL commented Feb 26, 2024

Due to this, it was not part of any query suite :O

@yoff do you agree it should be high, or should it be medium? I don't have the details from when you did the promotion of this query, so just took a guess.

@RasmusWL
Python: Add precision to NoSQL query
1cfac50 
Due to this, it was not part of any query suite :O
@RasmusWL RasmusWL requested a review from a team as a code owner February 26, 2024 10:25
@yoff
Copy link
Contributor

yoff commented Mar 1, 2024

@yoff do you agree it should be high, or should it be medium? I don't have the details from when you did the promotion of this query, so just took a guess.

Yes. I read through the old PR to jog my memory. I think 'high' should be defensible.

yoff
yoff previously approved these changes Mar 1, 2024
View reviewed changes
Copy link
Contributor

@yoff yoff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yoff
Copy link
Contributor

yoff commented Mar 1, 2024

Do we need a change note about this query now being included by default? Thanks for cleaning up this mess!

@RasmusWL
Copy link
Member Author

RasmusWL commented Mar 4, 2024

Do we need a change note about this query now being included by default? Thanks for cleaning up this mess!

sure, I made one 👍 I based it on the following, but put emphasis on the fact that it's run by default now 😅

codeql/python/ql/src/change-notes/released/0.9.0.md

Line 5 in 9fe993b

* The query `py/nosql-injection` for finding NoSQL injection vulnerabilities is now available in the default security suite.

@RasmusWL RasmusWL requested a review from yoff March 4, 2024 10:47
yoff
yoff approved these changes Mar 4, 2024
View reviewed changes
Copy link
Contributor

@yoff yoff left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yoff yoff merged commit 00e77a3 into github:main Mar 4, 2024
@RasmusWL RasmusWL deleted the nosql-precision branch March 4, 2024 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yoff yoff yoff approved these changes

Assignees

No one assigned

Labels

documentation Python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@RasmusWL @yoff