cognium-dev 3.64.0 → 3.65.0

Files changed (2) hide show
  1. package/dist/cli.js +15 -1
  2. package/package.json +2 -2
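--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -22506,6 +22506,20 @@ class TaintPropagationPass {
  return false;
  });
  }
+ if (finalFlows.length > 1) {
+ const bestByKey = new Map;
+ for (const f of finalFlows) {
+ const key = `${f.source_line}|${f.sink_line}|${f.sink_type}`;
+ const cur = bestByKey.get(key);
+ if (!cur || f.confidence > cur.confidence) {
+ bestByKey.set(key, f);
+ }
+ }
+ finalFlows = finalFlows.filter((f) => {
+ const key = `${f.source_line}|${f.sink_line}|${f.sink_type}`;
+ return bestByKey.get(key) === f;
+ });
+ }
  return { flows: finalFlows };
  }
  }
@@ -31033,7 +31047,7 @@ var colors = {
  };
 
  // src/version.ts
- var version = "3.64.0";
+ var version = "3.65.0";
 
  // src/formatters.ts
  var SINK_SEVERITY = {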
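Review bot: The de-duplication key in the added block, `${f.source_line}|${f.sink_line}|${f.sink_type}`, identifies a flow by two line numbers and the sink type only, so distinct flows that share those three values are collapsed to the one with the highest `confidence` and the others are silently dropped from the report. In minified or single-line input every flow of a given sink type would presumably share one key, which for a taint scanner means under-reporting; whether `finalFlows` can also span several files is not visible here. I would widen the key with whatever file, column or variable field the flow objects carry, or at least document the choice above the block, e.g. `// Keep one flow per (source_line, sink_line, sink_type); highest confidence wins, ties keep the first seen`. The `>` comparison is also false whenever either side lacks a numeric `confidence`, so in that case the first-seen flow wins regardless of score. The enclosing method of `TaintPropagationPass` starts outside the hunk.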
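--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "cognium-dev",
- "version": "3.64.0",
+ "version": "3.65.0",
  "description": "Static Application Security Testing CLI for detecting security vulnerabilities via taint tracking",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",
@@ -65,7 +65,7 @@
  "registry": "https://registry.npmjs.org/"
  },
  "dependencies": {
- "circle-ir": "^3.64.0"
+ "circle-ir": "^3.65.0"
  },
  "devDependencies": {
  "@types/node": "^25.5.0",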