mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
2.8 KiB
2.8 KiB
Improvements to JavaScript analysis
General improvements
-
Support for the following frameworks and libraries has been improved:
-
The call graph has been improved to resolve method calls in more cases. This may produce more security alerts.
New queries
| Query | Tags | Purpose |
|---|---|---|
Unused index variable (js/unused-index-variable) |
correctness | Highlights loops that iterate over an array, but do not use the index variable to access array elements, indicating a possible typo or logic error. |
Changes to existing queries
| Query | Expected impact | Change |
|---|---|---|
Incomplete string escaping or encoding (js/incomplete-sanitization) |
Fewer false-positive results | This rule now recognizes additional ways delimiters can be stripped away. |
Client-side cross-site scripting (js/xss) |
More results | More potential vulnerabilities involving functions that manipulate DOM attributes are now recognized. |
Code injection (js/code-injection) |
More results | More potential vulnerabilities involving functions that manipulate DOM event handler attributes are now recognized. |
Hard-coded credentials (js/hardcoded-credentials) |
Fewer false-positive results | This rule now flags fewer password examples. |
Password in configuration file (js/password-in-configuration-file) |
Fewer false-positive results | This rule now flags fewer password examples. |
Prototype pollution (js/prototype-pollution) |
More results | The query now highlights vulnerable uses of jQuery and Angular, and the results are shown on LGTM by default. |
Incorrect suffix check (js/incorrect-suffix-check) |
Fewer false-positive results | The query recognizes valid checks in more cases. |
Changes to QL libraries
Expr.getDocumentation()now handles chain assignments.