Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Update njsscan to v0.1.9

Review changes
Download
Patches
Plain diff

Thomas Woodham requested to merge 1217-update-dependencies into master Dec 17, 2020

Overview 3
Commits 1
Pipelines 1
Changes 3

What does this MR do?

Update njsscan to v0.1.9
- Added rule to detect CWE-89 (SQL Injection) with knex.js.
- Added rule to detect CWE-327 (broken or risky crypto algorithm) when AES is used without an initialization vector.

What are the relevant issue numbers?

https://gitlab.com/gitlab-org/security-products/release/-/issues/104

Does this MR meet the acceptance criteria?

Changelog entry added
Documentation created/updated for GitLab EE, if necessary
Documentation created/updated for this project, if necessary
Documentation reviewed by technical writer or follow-up review issue created
Tests added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Dec 17, 2020 by Lucas Charles

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading