hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 13:23:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
64fcdd1f2f3695d9f6290c1a1da03586ee9fb23f
codeql/javascript/ql/src/change-notes/released/2.1.0.md
Florin Coada ba520c60d2 Update 2.1.0.md
2025-09-26 10:11:03 +01:00

857 B
Raw Blame History

2.1.0

Major Analysis Improvements

  • Added support for TypeScript 5.9
  • Added support for import defer syntax in JavaScript and TypeScript.

Minor Analysis Improvements

  • Data flow is now tracked through the Promise.try and Array.prototype.with functions.
  • Query js/index-out-of-bounds no longer produces a false-positive when a strictly-less-than check overrides a previous less-than-or-equal test.
  • The query js/remote-property-injection now detects property injection vulnerabilities through object enumeration patterns such as Object.keys().
  • The query "Permissive CORS configuration" (js/cors-permissive-configuration) has been promoted from experimental and is now part of the default security suite. Thank you to @maikypedia who submitted the original experimental query!