Skip to content

JS: Improve alert messages of js/incomplete-sanitization #19953

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
Napalys wants to merge 4 commits into from

JS: add extra test case with `}`

cc1d2c4
Select commit
Loading
Failed to load commit list.
Closed

JS: Improve alert messages of js/incomplete-sanitization #19953

JS: add extra test case with `}`
cc1d2c4
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL completed Jul 2, 2025 in 7s

6 configurations not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 6 configurations present on refs/heads/main were not found:

Actions workflow (rust-analysis.yml)

  • ❓  .github/workflows/rust-analysis.yml:analyze/language:rust

Actions workflow (csv-coverage-metrics.yml)

  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-csharp
  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-java

Actions workflow (codeql-analysis.yml)

  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:actions
  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:csharp

Actions workflow (cpp-swift-analysis.yml)

  • ❓  .github/workflows/cpp-swift-analysis.yml:CodeQL-Build

New alerts in code changed by this pull request

  • 1 warning

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 150 in javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql

See this annotation in the file changed.

Code scanning / CodeQL

Using 'toString' in query logic Warning

Query logic depends on implementation of 'toString'.