You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: change-notes/1.21/analysis-javascript.md
+3-2Lines changed: 3 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -40,14 +40,15 @@
40
40
| Expression has no effect | Fewer false-positive results | This rule now treats uses of `Object.defineProperty` more conservatively. |
41
41
| Incomplete regular expression for hostnames | More results | This rule now tracks regular expressions for host names further. |
42
42
| Incomplete string escaping or encoding | More results | This rule now considers the flow of regular expressions literals, and it no longer flags the removal of trailing newlines. |
43
+
| Incorrect suffix check | Fewer false-positive results | This rule now recognizes valid checks in more cases. |
43
44
| Password in configuration file | Fewer false positive results | This query now excludes passwords that are inserted into the configuration file using a templating mechanism or read from environment variables. Results are no longer shown on LGTM by default. |
44
45
| Replacement of a substring with itself | More results | This rule now considers the flow of regular expressions literals. |
45
46
| Server-side URL redirect | Fewer false-positive results | This rule now treats URLs as safe in more cases where the hostname cannot be tampered with. |
47
+
| Tainted path | More results and fewer false-positive results | This rule now analyses path manipulation code more precisely. |
46
48
| Type confusion through parameter tampering | Fewer false-positive results | This rule now recognizes additional emptiness checks. |
47
49
| Useless assignment to property | Fewer false-positive results | This rule now ignore reads of additional getters. |
48
50
| Unreachable statement | Unreachable throws no longer give an alert | This ignores unreachable throws, as they could be intentional (for example, to placate the TS compiler). |
49
-
| Incorrect suffix check | Fewer false-positive results | This rule now recognizes valid checks in more cases. |
50
-
| Tainted path | More results and fewer false-positive results | This rule now analyses path manipulation code more precisely. |
0 commit comments