You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| Expression has no effect | Fewer false-positive results | This rule now treats uses of `Object.defineProperty` more conservatively. |
21
-
| Useless assignment to property | Fewer false-positive results | This rule now ignores reads of additional getters. |
22
20
| Arbitrary file write during zip extraction ("Zip Slip") | More results | This rule now considers more libraries, including tar as well as zip. |
23
-
| Client-side URL redirect | Fewer false-positive results | This rule now treats URLs as safe in more cases where the hostname cannot be tampered with. |
21
+
| Client-side URL redirect | More results and fewer false-positive results | This rule now recognizes additional uses of the document URL. This rule now treats URLs as safe in more cases where the hostname cannot be tampered with. |
22
+
| Double escaping or unescaping | More results | This rule now considers the flow of regular expressions literals. |
23
+
| Expression has no effect | Fewer false-positive results | This rule now treats uses of `Object.defineProperty` more conservatively. |
24
+
| Incomplete string escaping or encoding | More results | This rule now considers the flow of regular expressions literals. |
25
+
| Replacement of a substring with itself | More results | This rule now considers the flow of regular expressions literals. |
24
26
| Server-side URL redirect | Fewer false-positive results | This rule now treats URLs as safe in more cases where the hostname cannot be tampered with. |
27
+
| Useless assignment to property | Fewer false-positive results | This rule now ignore reads of additional getters. |
0 commit comments