CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.6.21-dev (changelog, source)
Index
Search

Module UnsafeCodeConstruction

Provides a taint-tracking configuration for reasoning about code constructed from library input vulnerabilities.

Note, for performance reasons: only import this file if UnsafeCodeConstruction::Configuration is needed, otherwise UnsafeCodeConstructionCustomizations should be imported instead.

Import path

import semmle.javascript.security.dataflow.UnsafeCodeConstruction

Imports

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules

UnsafeCodeConstruction

Classes and predicates for the code constructed from library input query.