Improvements to JavaScript analysis

General improvements

Support for the following frameworks and libraries has been improved:
- koa
- socket.io
- Node.js
- Firebase
- Express
- shelljs
The security queries now track data flow through Base64 decoders such as the Node.js Buffer class, the DOM function atob, and a number of npm packages intcluding abab, atob, btoa, base-64, js-base64, Base64.js and base64-js.

Query	Tags	Purpose

Query	Expected impact	Change
Arbitrary file write during zip extraction ("Zip Slip")	More results	This rule now considers more libraries, including tar as well as zip.
Client-side URL redirect	More results and fewer false-positive results	This rule now recognizes additional uses of the document URL. This rule now treats URLs as safe in more cases where the hostname cannot be tampered with.
Double escaping or unescaping	More results	This rule now considers the flow of regular expressions literals.
Expression has no effect	Fewer false-positive results	This rule now treats uses of `Object.defineProperty` more conservatively.
Incomplete string escaping or encoding	More results	This rule now considers the flow of regular expressions literals.
Replacement of a substring with itself	More results	This rule now considers the flow of regular expressions literals.
Server-side URL redirect	Fewer false-positive results	This rule now treats URLs as safe in more cases where the hostname cannot be tampered with.
Type confusion through parameter tampering	Fewer false-positive results	This rule now recognizes additional emptiness checks.
Useless assignment to property	Fewer false-positive results	This rule now ignore reads of additional getters.