hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-03 16:51:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ad2ab5602eaf4e4ec4de288efb9d4e05a303a529
codeql/javascript/ql/src/CHANGELOG.md
github-actions[bot] 20fe22c8c8 Release preparation for version 2.8.2
2022-02-24 14:57:08 +00:00

2.9 KiB
Raw Blame History

0.0.11

New Queries

  • A new query, js/functionality-from-untrusted-source, has been added to the query suite. It finds DOM elements that load functionality from untrusted sources, like script or iframe elements using http links. The query is run by default.

Query Metadata Changes

  • The js/request-forgery query previously flagged both server-side and client-side request forgery, but these are now handled by two different queries:
    • js/request-forgery is now specific to server-side request forgery. Its precision has been raised to high and is now shown by default (it was previously in the security-extended suite).
    • js/client-side-request-forgery is specific to client-side request forgery. This is technically a new query but simply flags a subset of what the old query did. This has precision medium and is part of the security-extended suite.

Minor Analysis Improvements

0.0.10

New Queries

  • A new query, js/unsafe-code-construction, has been added to the query suite, highlighting libraries that may leave clients vulnerable to arbitary code execution. The query is not run by default.
  • A new query js/file-system-race has been added. The query detects when there is time between a file being checked and used. The query is not run by default.
  • A new query js/jwt-missing-verification has been added. The query detects applications that don't verify JWT tokens.
  • The js/insecure-dependency query has been added. It detects depedencies that are downloaded using an unencrypted connection.

0.0.9

New Queries

  • A new query js/samesite-none-cookie has been added. The query detects when the SameSite attribute is set to None on a sensitive cookie.
  • A new query js/empty-password-in-configuration-file has been added. The query detects empty passwords in configuration files. The query is not run by default.

0.0.8

0.0.7

Minor Analysis Improvements

  • Support for handlebars templates has improved. Raw interpolation tags of the form {{& ... }} are now recognized, as well as whitespace-trimming tags like {{~ ... }}.
  • Data flow is now tracked across middleware functions in more cases, leading to more security results in general. Affected packages are express and fastify.
  • js/missing-token-validation has been made more precise, yielding both fewer false positives and more true positives.

0.0.6

Major Analysis Improvements

  • TypeScript 4.5 is now supported.

0.0.5

New Queries

  • The js/sensitive-get-query query has been added. It highlights GET requests that read sensitive information from the query string.
  • The js/insufficient-key-size query has been added. It highlights the creation of cryptographic keys with a short key size.
  • The js/session-fixation query has been added. It highlights servers that reuse a session after a user has logged in.