codeql/change-notes/1.25/analysis-javascript.md
Erik Krogh Kristensen aee7cc117d add change-note
2020-04-20 13:08:51 +02:00

Improvements to JavaScript analysis

General improvements

New queries

| Query | Tags | Purpose |
|-------|------|---------|

Changes to existing queries

| Query | Expected impact | Change |
|-------|-----------------|--------|
| Misspelled variable name (js/misspelled-variable-name) | Message changed | The message for this query now correctly identifies the misspelled variable in additional cases. |
| Uncontrolled data used in path expression (js/path-injection) | More results | This query now recognizes additional file system calls. |
| Uncontrolled command line (js/command-line-injection) | More results | This query now recognizes additional command execution calls. |

Changes to libraries

  • Added data flow for Map and Set, and added matching type-tracking steps that can be accessed using the CollectionsTypeTracking module.