Release Notes - 2.12

  • 2.12.1-funcrel
    Fixes missing DynamoDB tables.
    Fixes missing Azure ServiceBus Publisher and SQL Query objects. After running the analysis for the first time with this fix, some of these objects may be assigned new GUIDs. As a result, the old objects will appear as missing and are replaced by the new ones.
    Fixes missing link to NodeJs SQL query.
    Improves accuracy of 💎 1020704 - Avoid using string concatenation when using __dirname and __filename
    Improves accuracy of 💎 1020700 - Avoid the lack of error handling in the Node.js callbacks
    Saves the link property “triggeredBy” with the name of the API triggering the call to persistence objects (Tables, Collections, Buckets…).
    Removes treatment of ‘request’, ‘request-promise’, ‘request-promise-any’, ‘request-promise-native’. They are already computed by HTML5/Javascript extension.
    Updates the description of NodeJS External Library.
    Removes incorrect exclusion criteria that previously prevented certain relevant JavaScript source files from being analyzed. This enhances object resolution and linking, and adjusts the scope of all rules. Updates the description of total scope population for affected rules, replacing “NodeJS artifacts” with “JavaScript artifacts.”
  • 2.12.0-funcrel
    Fixes a traceback error seen in the analysis log: “AttributeError: ‘NoneType’ object has no attribute ‘is_assignment’”.
    Fixes an issue causing false violations of the rule “Avoid unsecure connection to the Node.js server”. 💎 1020720
    Fixes an issue causing false violations of the rule “Ensure that browser cannot cache or store a page”. 💎 1020718
    Fixes an issue causing false violations of the rule “Ensure the X-Frame-Options header is setup (Node.js)”. 💎 1020712
    Fixes an issue causing false violations of the rule “Ensure the X-XSS-Protection header is enabled”. 💎 1020710
    Fixes an issue causing false violations of the rule “Ensure the X-Powered-By header is disabled”. 💎 1020708
    Fixes an issue causing false violations of the rule “Ensure the Content-Security-Policy is activated (Node.js)”. 💎 1020706
  • 2.12.0-beta2
    Updates for Hapi modelization and support.
  • 2.12.0-beta1
    Updates the vendor for persistence frameworks.
    Updates and improvements for Knex modelization and support.
    Sequelize framework used as an ORM is now supported. See hereexternal link.Sequelize used as an ORM is now supported.