mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
2.4 KiB
2.4 KiB
Improvements to JavaScript analysis
General improvements
-
Support for the following frameworks and libraries has been improved:
-
The call graph has been improved to resolve method calls in more cases. This may produce more security alerts.
New queries
| Query | Tags | Purpose |
|---|
Changes to existing queries
| Query | Expected impact | Change |
|---|---|---|
Client-side cross-site scripting (js/xss) |
More results | More potential vulnerabilities involving functions that manipulate DOM attributes are now recognized. |
Code injection (js/code-injection) |
More results | More potential vulnerabilities involving functions that manipulate DOM event handler attributes are now recognized. |
Incorrect suffix check (js/incorrect-suffix-check) |
Fewer false-positive results | The query recognizes valid checks in more cases. |
Network data written to file (js/http-to-file-access) |
Fewer false-positive results | This query has been renamed to better match its intended purpose, and now only considers network data untrusted. |
Prototype pollution (js/prototype-pollution) |
More results | The query now highlights vulnerable uses of jQuery and Angular, and the results are shown on LGTM by default. |
Uncontrolled command line (js/command-line-injection) |
More results | This query now treats responses from servers as untrusted. |
Changes to QL libraries
Expr.getDocumentation()now handles chain assignments.