codeql/javascript/change-notes/2021-04-26-unsafe-html-construction.md

lgtm,codescanning

• A new query, js/html-constructed-from-input, has been added to the query suite, highlighting libraries that may leave clients vulnerable to cross-site-scripting attacks.