CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.12 (changelog, source)
Search

Module UnsafeDynamicMethodAccessCustomizations

Provides default sources, sinks and sanitizers for reasoning about method invocations with a user-controlled method name on objects with unsafe methods, as well as extension points for adding your own.

Import path

import semmle.javascript.security.dataflow.UnsafeDynamicMethodAccessCustomizations

Imports

Express

Provides classes for working with Express applications.

PropertyInjectionShared

Provides predicates for reasoning about flow of user-controlled values that are used as property names.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules