Skip to content

Commit a067cd3

Browse files
asgerfasgerf
authored
Merge pull request github#3756 from esbena/js/delay-slow-query-merge
JS: delay merging two slow queries
2 parents 4a459c8 + 7d54b02 commit a067cd3

26 files changed

+0
-1073
lines changed

change-notes/1.25/analysis-javascript.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,6 @@
4141
| Creating biased random numbers from a cryptographically secure source (`js/biased-cryptographic-random`) | security, external/cwe/cwe-327 | Highlights mathematical operations on cryptographically secure numbers that can create biased results. Results are shown on LGTM by default. |
4242
| Storage of sensitive information in build artifact (`js/build-artifact-leak`) | security, external/cwe/cwe-312 | Highlights storage of sensitive information in build artifacts. Results are shown on LGTM by default. |
4343
| Improper code sanitization (`js/bad-code-sanitization`) | security, external/cwe/cwe-094, external/cwe/cwe-079, external/cwe/cwe-116 | Highlights string concatenation where code is constructed without proper sanitization. Results are shown on LGTM by default. |
44-
| Resource exhaustion (`js/resource-exhaustion`) | security, external/cwe/cwe-770 | Highlights operations that may cause the resources of the application to be exhausted. Results are shown on LGTM by default. |
4544
| Incomplete multi-character sanitization (`js/incomplete-multi-character-sanitization`) | correctness, security, external/cwe/cwe-20, external/cwe/cwe-116 | Highlights sanitizers that fail to remove dangerous substrings completely. Results are shown on LGTM by default. |
4645

4746
## Changes to existing queries

javascript/config/suites/javascript/security

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,6 @@
4545
+ semmlecode-javascript-queries/Security/CWE-730/RegExpInjection.ql: /Security/CWE/CWE-730
4646
+ semmlecode-javascript-queries/Security/CWE-754/UnvalidatedDynamicMethodCall.ql: /Security/CWE/CWE-754
4747
+ semmlecode-javascript-queries/Security/CWE-770/MissingRateLimiting.ql: /Security/CWE/CWE-770
48-
+ semmlecode-javascript-queries/Security/CWE-770/ResourceExhaustion.ql: /Security/CWE/CWE-770
4948
+ semmlecode-javascript-queries/Security/CWE-776/XmlBomb.ql: /Security/CWE/CWE-776
5049
+ semmlecode-javascript-queries/Security/CWE-798/HardcodedCredentials.ql: /Security/CWE/CWE-798
5150
+ semmlecode-javascript-queries/Security/CWE-807/ConditionalBypass.ql: /Security/CWE/CWE-807

javascript/ql/src/Security/CWE-730/ServerCrash.qhelp

Lines changed: 0 additions & 22 deletions
This file was deleted.

javascript/ql/src/Security/CWE-730/ServerCrash.ql

Lines changed: 0 additions & 100 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/ResourceExhaustion.qhelp

Lines changed: 0 additions & 113 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/ResourceExhaustion.ql

Lines changed: 0 additions & 20 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/examples/ResourceExhaustion_array.js

Lines changed: 0 additions & 10 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/examples/ResourceExhaustion_array_fixed.js

Lines changed: 0 additions & 16 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/examples/ResourceExhaustion_buffer.js

Lines changed: 0 additions & 10 deletions
This file was deleted.

javascript/ql/src/Security/CWE-770/examples/ResourceExhaustion_buffer_fixed.js

Lines changed: 0 additions & 16 deletions
This file was deleted.

0 commit comments

Comments
 (0)