add the resolve library as a sink to js/path-injection

2026-04-28 02:05:14 +02:00 · 2021-06-04 17:16:12 +02:00
parent f21e949898
commit dd2fe2a489
4 changed files with 28 additions and 0 deletions
--- a/javascript/change-notes/2021-06-04-resolve.md
+++ b/javascript/change-notes/2021-06-04-resolve.md
@@ -0,0 +1,4 @@
+lgtm,codescanning
+* Paths used with the [resolve](https://npmjs.com/package/resolve) command are seen as sinks for the `js/path-injection` query.
+  Affected packages are
+    [resolve](https://npmjs.com/package/resolve)