зеркало из https://github.com/github/codeql.git
411 B
411 B
lgtm,codescanning
- Added support for more templating languages.
- EJS, Mustache, Handlebars, Nunjucks, Hogan, and Swig are now supported.
- Template tags from the above dialects are now recognized as sinks
when not escaped safely for the context, leading to additional results for
js/xssandjs/code-injection. - Files with the extension
.ejs,.hbs, or.njkare now extracted and analyzed.