hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: add sanitizer support for ~whitelist.indexOf(x)

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2018-08-20 13:28:19 +02:00
parent 692f416143
commit be8a32bb18
6 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
change-notes/1.18/analysis-javascript.md
View File

@@ -10,6 +10,8 @@
* Modelling of taint flow through the array operations `map` and `join` has been improved. This may give additional results for the security queries.
* The taint tracking library now recognizes additional sanitization patterns. This may give fewer false-positive results for the security queries.
* Support for popular libraries has been improved. Consequently, queries may produce more results on code bases that use the following libraries:
- [bluebird](http://bluebirdjs.com)
- [browserid-crypto](https://github.com/mozilla/browserid-crypto)