CodeQL code scanning now recognizes more Python libraries and frameworks
We’ve improved the depth of CodeQL's Python analysis by adding support for more libraries and frameworks, including:
- FastAPI
- aiomysql
- aiopg
- asyncpg
- Django REST framework
- The
os.pathmodule - Flask-Admin
- toml
- ruamel.yaml
- SQLAlchemy
As a result, CodeQL can now detect even more potential sources of untrusted user data, steps through which that data flows, and potentially dangerous sinks in which this data could end up. This results in an overall improvement of the quality of the code scanning alerts.
We carefully choose and prioritize the libraries and frameworks supported by CodeQL based on their popularity and through user feedback. These improvements are now available to users of CodeQL code scanning on GitHub.com, and will also be available in the next release of GitHub Enterprise Server (3.4).

Formed in 2009, the Archive Team (not to be confused with the archive.org Archive-It Team) is a rogue archivist collective dedicated to saving copies of rapidly dying or deleted websites for the sake of history and digital heritage. The group is 100% composed of volunteers and interested parties, and has expanded into a large amount of related projects for saving online and digital history.
