codeql/change-notes/1.26/analysis-javascript.md

Improvements to JavaScript analysis

General improvements

• Support for the following frameworks and libraries has been improved:

  • fast-json-stable-stringify
  • fast-safe-stringify
  • javascript-stringify
  • js-stringify
  • json-stable-stringify
  • json-stringify-safe
  • json3
  • object-inspect
  • pretty-format
  • stringify-object

• Analyzing files with the ".cjs" extension is now supported.

New queries

Query	Tags	Purpose

Changes to existing queries

Query	Expected impact	Change
Incomplete URL substring sanitization (js/incomplete-url-substring-sanitization)	More results	This query now recognizes additional URLs when the substring check is an inclusion check.
Ambiguous HTML id attribute (js/duplicate-html-id)	Results no longer shown	Precision tag reduced to "low". The query is no longer run by default.

Changes to libraries