- A new query, `js/unsafe-code-construction`, has been added to the query suite, highlighting libraries that may leave clients vulnerable to arbitrary code execution. The query is not run by default.
- A new query `js/file-system-race` has been added. The query detects when there is time between a file being checked and used. The query is not run by default.
- A new query `js/jwt-missing-verification` has been added. The query detects applications that don't verify JWT tokens.
- The `js/insecure-dependency` query has been added. It detects dependencies that are downloaded using an unencrypted connection.