- This line was added.
- This line was removed.
- Formatting was changed.
Table of Contents
Angular dynamic componentEmbedded in
. This release allows you to check for dynamic componentsand the ability to parse JSX
that were built in an Angular Framework.
The underlying vulnerability from using dynamic component components construction is not different from other "eval injection" issues, review the following links for more information:It is well-known as an insecure practice, from a security overview (), and in particular, for Angular, review The Security Angle on Angular.
The following elements have been identified as potential security flaws and detected by the existing JS rules:
In React, the HTML code is embedded into the JS code, so the HTML code must be checked to mark sources, sinks, or neutralization (For example: <input> elements).
Also, the embedded HTML code is analyzed by Kiuwan with the rules from the HTML technology. The following existing checks might be applied:
Jenkins Kiuwan plugin update
Kiuwan has its plugin to integrate with a Jenkins environment:
This new version includes the following updates:
Other bug fixes and improvements