CodeQL library for Python
codeql/python-all 0.6.4

Module Model

Import path

import semmle.python.web.django.Model

Imports

Basic
Http
Sql

Provides class and predicates to track external data that may represent malicious SQL queries or parts of queries.

TaintTracking
python

Classes

DjangoDbTableObjects

A “taint” for Django database tables.

DjangoModel

A Django model class.

DjangoModelExtraCall

A call to the extra method on a Django model. This allows a raw SQL query to be sent to the database, which is a security risk.

DjangoModelObjects

Django model objects, which are sources of Django database table “taint”.

DjangoModelRawCall

A call to the raw method on a Django model. This allows a raw SQL query to be sent to the database, which is a security risk.