CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.9.1 (changelog, source)
Search

Module UnvalidatedDynamicMethodCallCustomizations

Provides default sources, sinks and sanitizers for reasoning about unvalidated dynamic method calls, as well as extension points for adding your own.

Import path

import semmle.javascript.security.dataflow.UnvalidatedDynamicMethodCallCustomizations

Imports

Express

Provides classes for working with Express applications.

PropertyInjectionShared

Provides predicates for reasoning about flow of user-controlled values that are used as property names.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Modules