From 303b0a0027388f62acf483502551afa1dfc55065 Mon Sep 17 00:00:00 2001 From: Max Schaefer Date: Tue, 14 Aug 2018 15:54:07 +0100 Subject: [PATCH] JavaScript: Demote `HeterogenousComparison` to warning level. --- change-notes/1.18/analysis-javascript.md | 1 + javascript/ql/src/Expressions/HeterogeneousComparison.ql | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/change-notes/1.18/analysis-javascript.md b/change-notes/1.18/analysis-javascript.md index 018402ee8f46..8341116f24ac 100644 --- a/change-notes/1.18/analysis-javascript.md +++ b/change-notes/1.18/analysis-javascript.md @@ -81,6 +81,7 @@ | **Query** | **Expected impact** | **Change** | |----------------------------|------------------------|------------------------------------------------------------------| | Arguments redefined | Fewer results | This rule previously also flagged redefinitions of `eval`. This was an oversight that is now fixed. | +| Comparison between inconvertible types | Lower severity | The severity of this rule has been revised to "warning". | | CORS misconfiguration for credentials transfer | More true-positive results | This rule now treats header names case-insensitively. | | Hard-coded credentials | More true-positive results | This rule now recognizes secret cryptographic keys. | | Incomplete sanitization | More true-positive results | This rule now recognizes incomplete URL encoding and decoding. | diff --git a/javascript/ql/src/Expressions/HeterogeneousComparison.ql b/javascript/ql/src/Expressions/HeterogeneousComparison.ql index f1123f2f77b0..f29ea9d38961 100644 --- a/javascript/ql/src/Expressions/HeterogeneousComparison.ql +++ b/javascript/ql/src/Expressions/HeterogeneousComparison.ql @@ -4,7 +4,7 @@ * the same type will always yield 'false', and an inequality comparison will always * yield 'true'. * @kind problem - * @problem.severity error + * @problem.severity warning * @id js/comparison-between-incompatible-types * @tags reliability * correctness