codeql/change-notes/1.24/analysis-javascript.md
2019-12-02 08:41:49 +01:00

Improvements to JavaScript analysis

General improvements

  • Imports with the .js extension can now be resolved to a TypeScript file, when the import refers to a file generated by TypeScript.

New queries

| Query | Tags | Purpose |
| --- | --- | --- |
| Cross-site scripting through exception (js/xss-through-exception) | security, external/cwe/cwe-079, external/cwe/cwe-116 | Highlights potential XSS vulnerabilities where an exception is written to the DOM. Results are not shown on LGTM by default. |
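The shape of code the new query reports, shown beside its remediated form. This is an added illustration, not code from the CodeQL repository; the element stand-in, the action names and the probe input are constructed so the example runs in Node without a browser.

```javascript
// Constructed example of the js/xss-through-exception pattern (not CodeQL code).
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Minimal stand-in for a DOM element: innerHTML stores markup verbatim,
// textContent stores the string as text, as a browser would serialize it.
class FakeElement {
  constructor() { this.markup = ""; }
  set innerHTML(v) { this.markup = v; }
  set textContent(v) { this.markup = escapeHtml(v); }
}

// Throws an error whose message echoes the (untrusted) caller input.
// Many real libraries build messages this way, which is why the query exists.
function selectAction(name) {
  const actions = new Set(["save", "load"]);
  if (!actions.has(name)) throw new Error("Unknown action: " + name);
  return name;
}

// Vulnerable shape: the exception message, which carries the untrusted
// input, is interpolated into HTML. This is what the query highlights.
function renderUnsafe(el, name) {
  try {
    el.innerHTML = "<p>Running " + selectAction(name) + "</p>";
  } catch (e) {
    el.innerHTML = "<p>Error: " + e.message + "</p>";
  }
  return el.markup;
}

// Remediated shape: the message is written as text, never parsed as markup.
function renderSafe(el, name) {
  try {
    el.textContent = "Running " + selectAction(name);
  } catch (e) {
    el.textContent = "Error: " + e.message;
  }
  return el.markup;
}

const probe = "<b>not an action</b>"; // constructed input containing markup
console.log(renderUnsafe(new FakeElement(), probe)); // markup reaches the DOM
console.log(renderSafe(new FakeElement(), probe));   // markup is escaped
```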

Changes to existing queries

| Query | Expected impact | Change |
| --- | --- | --- |
| Clear-text logging of sensitive information (js/clear-text-logging) | More results | More results involving process.env and indirect calls to logging methods are recognized. |
| Incomplete string escaping or encoding (js/incomplete-sanitization) | Fewer false positive results | This query now recognizes additional cases where a single replacement is likely to be intentional. |
| Unbound event handler receiver (js/unbound-event-handler-receiver) | Fewer false positive results | This query now recognizes additional ways event handler receivers can be bound. |

Changes to libraries

  • The predicates RegExpTerm.getSuccessor and RegExpTerm.getPredecessor have been changed to reflect textual, not operational, matching order. This only makes a difference in lookbehind assertions, which are operationally matched backwards. Previously, getSuccessor would mimic this, so in an assertion (?<=ab) the term b would be considered the predecessor, not the successor, of a. Textually, however, a still comes before b, and this is the order we now follow.