mirror of
https://github.com/github/codeql.git
synced 2026-04-30 19:26:02 +02:00
add change note
This commit is contained in:
Erik Krogh Kristensen
8
javascript/change-notes/2021-02-11-apollo-client.md
Normal file
8
javascript/change-notes/2021-02-11-apollo-client.md
Normal file
@@ -0,0 +1,8 @@
|
||||
lgtm,codescanning
|
||||
* URIs used in the Apollo-link libraries are now recognized as sinks for `js/request-forgery`.
|
||||
Affected packages are
|
||||
[apollo-link-http](https://www.npmjs.com/package/apollo-link-http),
|
||||
[apollo-client](https://www.npmjs.com/package/apollo-client),
|
||||
[apollo-boost](https://www.npmjs.com/package/apollo-boost),
|
||||
[apollo-client-preset](https://www.npmjs.com/package/apollo-client-preset), and
|
||||
[apollo-link-ws](https://www.npmjs.com/package/apollo-link-ws)
|
||||
Reference in New Issue
Block a user