- Update sast-rules version 2.3.1 (!399)
- Add
rules/lgpl-cc/java/endpoint/rule-ManuallyConstructedURLs.yml
to detect unsafely constructed URLs that could lead to SSRF - Update
rules/lgpl/javascript/jwt/rule-node_jwt_none_algorithm.yml
to use taint instead of search mode - Update
rules/lgpl/javascript/eval/rule-eval_require.js
to use taint instead of search mode - Update
rules/lgpl/javascript/crypto/rule-node_sha1.yml
with new patterns for better coverage and with updated metadata - Update
rules/lgpl/javascript/ssrf/rule-wkhtmltoimage_ssrf.yml
to use taint instead of search mode - Update
rules/lgpl/javascript/traversal/rule-express_lfr.yml
to use taint instead of search mode
- Add