Merge branch 'main' into js/test-suite

2026-04-27 17:55:19 +02:00 · 2025-03-11 13:17:08 +01:00
parent 0f201d2070 a4f2264f17
commit e8c5e4d006
499 changed files with 16371 additions and 5390 deletions
--- a/javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md
+++ b/javascript/ql/src/change-notes/2025-02-28-membership-regexp-test.md
@@ -0,0 +1,7 @@
+---
+category: fix
+---
+* Fixed a bug that would in rare cases cause some regexp-based checks
+  to be seen as generic taint sanitisers, even though the underlying regexp
+  is not restrictive enough. The regexps are now analysed more precisely,
+  and unrestrictive regexp checks will no longer block taint flow.
--- a/javascript/ql/src/meta/alerts/TaintedNodes.ql
+++ b/javascript/ql/src/meta/alerts/TaintedNodes.ql
@@ -4,7 +4,7 @@
 *              via default taint-tracking steps.
 * @kind problem
 * @problem.severity recommendation
- * @tags meta
+ * @tags meta-expensive
 * @id js/meta/alerts/tainted-nodes
 * @precision very-low
 */