cognium-dev 3.23.1 → 3.23.2
- package/dist/cli.js +2 -1
- package/package.json +3 -4
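--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -9377,6 +9377,7 @@ var DEFAULT_SINKS = [
 { method: "getResource", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
 { method: "getResourceAsStream", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
 { method: "getRealPath", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
+{ method: "child", class: "SCMFileSystem", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
 { method: "externalStaticFileLocation", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
 { method: "staticFileLocation", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
 { method: "getEntry", class: "ZipFile", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
@@ -25713,7 +25714,7 @@ var colors = {
 };
 
 // src/version.ts
-var version = "3.23.
+var version = "3.23.2";
 
 // src/formatters.ts
 var SINK_SEVERITY = {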
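Review bot: The new `child` entry at new line 9380 of DEFAULT_SINKS keys on a very generic method name, so its precision rests entirely on the `class: "SCMFileSystem"` constraint. The matcher is not visible in this hunk; if it falls back to method-name-only matching when the receiver type cannot be resolved, any `.child(x)` call would be reported as a high-severity CWE-22 finding, so that behaviour is worth confirming. A short comment above the entry would help, e.g. `// SCMFileSystem.child(path): caller-supplied path resolved inside an SCM checkout`. If this models the Jenkins SCM API, the same lookup is presumably also reachable through `child` on `SCMFile`, which this entry would not match, so a sibling entry with `class: "SCMFile"` may be needed. The array starts and ends outside the hunk, and dist/cli.js is bundled output, so any change belongs in the source file that defines DEFAULT_SINKS.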
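--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "cognium-dev",
-"version": "3.23.
+"version": "3.23.2",
 "description": "Static Application Security Testing CLI for detecting security vulnerabilities via taint tracking",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -16,8 +16,7 @@
 "typecheck": "tsc --noEmit",
 "version": "node -e \"const v = require('./package.json').version; require('fs').writeFileSync('src/version.ts', '/**\\n * Version information\\n *\\n * Kept in sync with package.json via the \\`version\\` npm lifecycle script.\\n * Do not edit manually — use \\`npm version patch|minor|major\\` instead.\\n */\\nexport const version = \\x27' + v + '\\x27;\\n')\" && git add src/version.ts",
 "dogfood": "bun run src/cli.ts scan src/ -q",
-"prepublishOnly": "bun run build"
-"release": "bash release.sh"
+"prepublishOnly": "bun run build"
 },
 "keywords": [
 "security",
@@ -66,7 +65,7 @@
 "registry": "https://registry.npmjs.org/"
 },
 "dependencies": {
-"circle-ir": "^3.23.
+"circle-ir": "^3.23.2"
 },
 "devDependencies": {
 "@types/node": "^25.5.0",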