datadog-static-analyzer

datadog-static-analyzer copied to clipboard

## What problem are you trying to solve? Currently, if someone upgrades some piece of code that could potentially change the output of the violation results, we would not know...

amaanq

Add option to specify heap memory limit to underlying JavaScript runtime

8

**Is your feature request related to a problem? Please describe.** While scanning a repo with 4000+ TypeScript files with a total of 100+ rules, it always crashes with the error:...

pranavpudasaini

## What problem are you trying to solve? As we refactor the JS runtime, we want to be able to efficiently send data between v8 and Rust. ## What is...

jasonforal

[STAL-2005] Update the javascript grammar

1

## What problem are you trying to solve? Being able to query for supertypes in the JS grammar, namely the statement node, so that we don't have to write an...

amaanq

[STAL-1886] JavaScript -> Rust Proof of Concept

1

## NOTE: Despite CI failures: this is a fully working proof of concept, but kept as a draft To run: 1. Create an empty directory to test this repo. 2....

jasonforal

Analyzer fails on alpine based containers

5

**Describe the bug** Using alpine linux on a CI provider, the static analuzer fails. DATADOG_STATIC_ANALYZER_URL: https://github.com/DataDog/datadog-static-analyzer/releases/latest/download/datadog-static-analyzer-x86_64-unknown-linux-gnu.zip ``` $ unzip /tmp/ddog-static-analyzer.zip -d /tmp Archive: /tmp/ddog-static-analyzer.zip inflating: datadog-static-analyzer-server inflating: datadog-static-analyzer inflating: datadog-export-rulesets...

crewone

## What problem are you trying to solve? Some significant security vulnerabilities (e.g. [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)) can be caught with [taint analysis](https://en.wikipedia.org/wiki/Taint_checking). Currently, writing accurate rules to detect these vulnerabilities is...

jasonforal

[STAL-2635] Add JavaScript `Digraph`

2

## What problem are you trying to solve? To support more sophisticated analysis techniques, we want to be able to construct arbitrary graphs from the source code we're analyzing. We're...

jasonforal

## What is your solution? This PR is a grab bag of unrelated bug fixes + improvements to flow construction. See commits and their descriptions. ## Alternatives considered ## What...

jasonforal

Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.23 to 0.12.24. Release notes Sourced from reqwest's releases. v0.12.24 Highlights Refactor cookie handling to an internal middleware. Refactor internal random generator. Refactor base64 encoding to reduce...

dependabot[bot]