Skip to content

Latest commit

 

History

History
182 lines (126 loc) · 11.3 KB

CHANGELOG.md

File metadata and controls

182 lines (126 loc) · 11.3 KB

Changelog

3.0.1 (2024-06-14)

Bug Fixes

3.0.1 (2024-06-13)

Bug Fixes

3.0.0 (2024-04-10)

⚠ BREAKING CHANGES

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146)

Features

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146) (df1b606)

Bug Fixes

  • Ensure everything works with ESLint v9 (#145) (ac50ab4)

2.1.1 (2024-02-14)

Bug Fixes

  • Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)

2.1.0 (2023-12-15)

Features

2.0.0 (2023-10-17)

⚠ BREAKING CHANGES

  • switch the recommended config to flat (#118)

Features

  • switch the recommended config to flat (#118) (e20a366)

1.7.1 (2023-02-02)

Bug Fixes

  • false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#109) (56102b5)

1.7.0 (2023-01-26)

Features

1.6.0 (2023-01-11)

Features

  • Add meta object documentation for all rules (#79) (fb1d9ef)
  • detect-bidi-characters rule (#95) (4294d29)
  • detect-non-literal-fs-filename: change to track non-top-level require() as well (#105) (d3b1543)
  • extend detect non literal fs filename (#92) (08ba476)
  • non-literal-require: support template literals (#81) (208019b)

Bug Fixes

  • Avoid crash when exec() is passed no arguments (7f97815), closes #82 #23
  • Avoid TypeError when exec stub is used with no arguments (#97) (9c18f16)
  • detect-child-process: false positive for destructuring with exec (#102) (657921a)
  • detect-child-process: false positives for destructuring spawn (#103) (fdfe37d)
  • Incorrect method name in detect-buffer-noassert. (313c0c6), closes #63 #80

1.5.0 / 2022-04-14

  • Fix avoid crash when exec() is passed no arguments Closes #82 with ref as #23
  • Fix incorrect method name in detect-buffer-noassert Closes #63 and #80
  • Clean up source code formatting Fixes #4 and closes #78
  • Add release script Script
  • Add non-literal require TemplateLiteral support #81
  • Add meta object documentation for all rules #79
  • Added Git pre-commit hook to format JS files Pre-commit hook
  • Added yarn installation method
  • Fix linting errors and step Lint errors, Lint step
  • Create workflows Check commit message on pull requests, Set up ci on main branch
  • Update test and lint commands to work cross-platform Commit
  • Merge pull request #47 from pdehaan/add-docs Add old liftsecurity blog posts to docs/ folder
  • Bumped up dependencies
  • Added package-lock.json
  • Fixed typos in README and documentation Replaced dead links in README

1.4.0 / 2017-06-12

  • 1.4.0
  • Stuff and things for 1.4.0 beep boop 🤖
  • Merge pull request #14 from travi/recommended-example Add recommended ruleset to the usage example
  • Merge pull request #19 from pdehaan/add-changelog Add basic CHANGELOG.md file
  • Merge pull request #17 from pdehaan/issue-16 Remove filename from error output
  • Add basic CHANGELOG.md file
  • Remove filename from error output
  • Add recommended ruleset to the usage example for #9
  • Merge pull request #10 from pdehaan/issue-9 Add 'plugin:security/recommended' config to plugin
  • Merge pull request #12 from tupaschoal/patch-1 Fix broken link for detect-object-injection
  • Fix broken link for detect-object-injection The current link leads to a 404 page, the new one is the proper page.
  • Add 'plugin:security/recommended' config to plugin

1.3.0 / 2017-02-09

  • 1.3.0
  • Merge branch 'scottnonnenberg-update-docs'
  • Fix merge conflicts because I can't figure out how to accept pr's in the right order
  • Merge pull request #7 from HamletDRC/patch-1 README.md - documentation detect-new-buffer rule
  • Merge pull request #8 from HamletDRC/patch-2 README.md - document detect-disable-mustache-escape rule
  • Merge pull request #3 from jesusprubio/master A bit of love
  • README.md - document detect-disable-mustache-escape rule
  • README.md - documentation detect-new-buffer rule
  • Merge pull request #6 from mathieumg/csrf-bug Fixed crash with detect-no-csrf-before-method-override rule
  • Fixed crash with detect-no-csrf-before-method-override rule.
  • Finishing last commit
  • Style guide applied to all the code involving the tests
  • Removing a repeated test and style changes
  • ESLint added to the workflow
  • Removed not needed variables
  • Fix to a problem with a rule detected implementing the tests
  • Test engine with tests for all the rules
  • Minor typos
  • A little bit of massage to readme intro
  • Add additional information to README for each rule

1.2.0 / 2016-01-21

  • 1.2.0
  • updated to check for new RegExp too

1.1.0 / 2016-01-06

  • 1.1.0
  • adding eslint rule to detect new buffer hotspot

1.0.0 / 2015-11-15

  • updated desc
  • rules disabled by default
  • update links
  • beep boop