CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.13 (changelog, source)

Module PrototypePollutionCustomizations

Provides default sources, sinks and sanitizers for reasoning about user-controlled objects flowing into a vulnerable extends call, as well as extension points for adding your own.

Import path

import semmle.javascript.security.dataflow.PrototypePollutionCustomizations

Imports

SemVer

Provides classes for working with SemVer (Semantic Versioning).

TaintedObject

Provides methods for reasoning about the flow of deeply tainted objects, such as JSON objects parsed from user-controlled data.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules