|
2 | 2 |
|
3 | 3 | ## General improvements |
4 | 4 |
|
| 5 | +* Modelling of taint flow through array operations has been improved. This may give additional results for the security queries. |
| 6 | + |
| 7 | +* Support for popular libraries has been improved. Consequently, queries may produce more results on code bases that use the following features: |
| 8 | + - file system access, for example through [fs-extra](https://github.com/jprichardson/node-fs-extra) or [globby](https://www.npmjs.com/package/globby) |
| 9 | + |
| 10 | + |
5 | 11 | ## New queries |
6 | 12 |
|
7 | | -| **Query** | **Tags** | **Purpose** | |
8 | | -|-----------------------------|-----------|--------------------------------------------------------------------| |
9 | | -| *@name of query (Query ID)* | *Tags* |*Aim of the new query and whether it is enabled by default or not* | |
| 13 | +| **Query** | **Tags** | **Purpose** | |
| 14 | +|-----------------------------------------------|------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |
| 15 | +| Enabling Node.js integration for Electron web content renderers (`js/enabling-electron-renderer-node-integration`) | security, frameworks/electron, external/cwe/cwe-094 | Highlights Electron web content renderer preferences with Node.js integration enabled, indicating a violation of [CWE-94](https://cwe.mitre.org/data/definitions/94.html). Results are not shown on LGTM by default. | |
| 16 | +| Stored cross-site scripting (`js/stored-xss`) | security, external/cwe/cwe-079, external/cwe/cwe-116 | Highlights uncontrolled stored values flowing into HTML content, indicating a violation of [CWE-079](https://cwe.mitre.org/data/definitions/79.html). Results shown on LGTM by default. | |
| 17 | +| Replacement of a substring with itself (`js/identity-replacement`) | correctness, security, external/cwe/cwe-116 | Highlights string replacements that replace a string with itself, which usually indicates a mistake. Results shown on LGTM by default. | |
10 | 18 |
|
11 | 19 | ## Changes to existing queries |
12 | 20 |
|
13 | 21 | | **Query** | **Expected impact** | **Change** | |
14 | 22 | |--------------------------------|----------------------------|----------------------------------------------| |
15 | 23 | | Regular expression injection | Fewer false-positive results | This rule now identifies calls to `String.prototype.search` with more precision. | |
16 | | - |
| 24 | +| Unbound event handler receiver | Fewer false-positive results | This rule now recognizes additional ways class methods can be bound. | |
| 25 | +| Remote property injection | Fewer results | The precision of this rule has been revised to "medium". Results are no longer shown on LGTM by default. | |
| 26 | +| Missing CSRF middleware | Fewer false-positive results | This rule now recognizes additional CSRF protection middlewares. | |
17 | 27 |
|
18 | 28 | ## Changes to QL libraries |
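Review bot: The added library-support entry under "General improvements" introduces a list with "the following features:" but the list has a single item (file system access) and is followed by two blank added lines before "## New queries"; fold the item into the sentence, or list the remaining features if more are intended, and drop one blank line. In the new queries table the link text is "CWE-94" in the Electron row but "CWE-079" in the stored XSS row, and the `js/identity-replacement` row carries the `external/cwe/cwe-116` tag without naming the CWE in its purpose text; one form should be used across all three rows. In "Changes to existing queries", the "Remote property injection" row says the precision has been revised to "medium" without giving the previous value, so a reader cannot tell from the note why results stop being shown on LGTM by default; state the old precision alongside the new one.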