Page tree
Skip to end of metadata
Go to start of metadata

This extension was previously (in version 1.0, 1.1, and 1.2) known as TypeScript and Angular.

On this page:

Summary: This document provides information about changes and new features introduced in this release.

1.4.0-funcrel

Updates

  • Node.js Web services are supported
  • Methods defined within maps (i.e. dictionaries) are supported 

New rules

Below table lists the new rules added in this release of the extension.

1020898Avoid having multiple routes for the same path with Node.js Express App (TypeScript)
1020900Avoid enabling unsecure Node.js (TypeScript)
1020902Ensure the Content-Security-Policy is activated with express (TypeScript)
1020904Avoid using url.parse() with vulnerable Nodejs versions (TypeScript)
1020906Avoid using TLS library before Node.js 9.11.2 and 10.4.1 (TypeScript)
1020908Avoid using the file path validation with Node.js 8.5.0 (TypeScript)
1020910Avoid using path library parsing functions with vulnerable nodejs versions (TypeScript)
1020912Avoid using HTTP/2 library with vulnerable nodejs versions (TypeScript)
1020914Avoid using Buffer.fill() and/or Buffer.alloc() with vulnerable nodejs versions (TypeScript)
1020916Avoid using Buffer library and UCS-2 encoding with vulnerable versions (TypeScript)
1020918Avoid using Node.js query-mysql third-party (TypeScript)
1020920Avoid disabling SSL verification in node-curl (TypeScript)
1020922Avoid bypassing self-signed ssl certificate with Node.js (TypeScript)
1020924Avoid using net.Socket object as stream with vulnerable version of Node.js (TypeScript)
1020926Avoid string interpolations to prevent SQL injections (TypeScript)
7156Avoid too many copy pasted artifacts

The rule "Avoid too many copy pasted artifacts" depends on com.castsoftware.html5 extension. It will be activated automatically for TypeScript source code when using a version of com.castsoftware.html5 >= 2.0.15-funcrel.

1.4.0-beta1

Updates

New rules

Below table lists the new rules added in this release of the extension.

1020860Avoid using setInterval() (TypeScript)

1020870

Avoid using setTimeout() (TypeScript)

1020874Avoid the lack of error handling in the Node.js callbacks (TypeScript)
1020876Avoid using the Node.js process.exit() (TypeScript)
1020878Ensure the express X-XSS-Protection header is enabled (TypeScript)
1020880Ensure the express X-Powered-By header is disabled (TypeScript)
1020882Ensure the express X-Frame-Options header is setup (TypeScript)
1020884Ensure that the browser cannot cache or store a page when using express (TypeScript)
1020886Avoid using an unsecured cookie with express (TypeScript)
1020888Avoid unsecured connection to the express Node.js server (TypeScript)
1020890Ensure that CSRF Protection is enabled when using express (TypeScript)
1020892Ensure Node.js filesystem are closed (TypeScript)
1020894Avoid using string concatenation when using Node.js __dirname and __filename variables (TypeScript)
1020896Avoid using a risky cryptographic hash with Node.js (TypeScript)

Resolved issues

Internal ID

Call ID

Summary

ANGTS-114-Extend the rule "Avoid using web service calls inside a loop" to rxjs/ajax web service calls
ANGTS-26620864Missing links between Angular Delete Service and JAX-RS Operation
ANGTS-28721710Missing angular operation

Dependency issue

This version of the analyzer requires a version of com.castsoftware.nodejs >= 2.2.1-funcrel. This dependency is not specified in the analyzer and a recent enough version of nodejs will not be downloaded by default.

  • No labels