Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(detect-child-process): false positive for destructuring with exec #102

Merged
merged 2 commits into from
Dec 13, 2022

Conversation

ota-meshi
Copy link
Member

@ota-meshi ota-meshi commented Dec 8, 2022

This PR fixes false positives in detect-child-process.

detect-child-process rule did not understand destructuring assignment and was incorrectly reporting non-identifier exec().
This PR changes the detect-child-process rule to guard non-identifiers and correctly track variables.

fixes #64

Copy link
Contributor

@nzakas nzakas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks.

@nzakas nzakas merged commit 657921a into main Dec 13, 2022
@nzakas nzakas deleted the issue64 branch December 13, 2022 01:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

detect-child-process false-positive with exec
2 participants