Closed AntonNiklasson closed 3 years ago
Here's a sample where drawText causes a false positive
TypeError: Cannot read property 'type' of undefined
Occurred while linting api/lib/infrastructure/utils/pdf/certification-attestation-pdf.js:86
Ah, of course it shouldn't run there. I'll fix that quickly in #9 for now. I still need to address the fact that non-knex code can include .raw() and similar.
Thanks a lot for the input @octo-topi 🙌
EDIT: Your case should be fixed in v1.0.5 now 😊
Works wonderfully, helped me to track several bugs
As seen in #5 any kind of code using .raw(), or the other raw queries searched for in avoid-injections are hitting this rule. It would be great if the subject could for sure be either knex "root object" or a transaction. I'm not sure if it's possible without doing some back referencing gymnastics. But perhaps worth looking into at least.
The point is, returning early if !queryNode is great, but I can see pretty simple cases that would give false negatives on that rule.
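The receiver check discussed in this thread, as an added example that is not part of the thread and not the plugin's code: it walks a call chain back to its left-most identifier and only flags raw calls rooted at a knex or transaction name. The names `knex` and `trx`, the raw-method list, the `page` receiver and all function names are assumptions made for illustration.

```javascript
// Added example: ESTree-shaped nodes are built by hand (constructed input),
// so no parser is needed. KNEX_NAMES and RAW_METHODS are assumptions.
const KNEX_NAMES = new Set(["knex", "trx"]);
const RAW_METHODS = new Set(["raw", "whereRaw", "joinRaw"]);

// Follow a chain such as trx("users").where(...).whereRaw(...) back to its
// left-most expression. Returns the identifier name, or null when the chain
// does not start at a plain identifier (for example `this.db`).
function rootIdentifier(node) {
  while (node) {
    if (node.type === "Identifier") return node.name;
    if (node.type === "CallExpression") node = node.callee;
    else if (node.type === "MemberExpression") node = node.object;
    else return null;
  }
  return null;
}

// "check":   raw method on a chain rooted at a known knex/transaction name
// "skip":    not a raw call, or rooted at an unrelated identifier
// "unknown": raw call whose receiver cannot be resolved from syntax alone
function classifyRawCall(node, knexNames = KNEX_NAMES) {
  if (!node || node.type !== "CallExpression") return "skip";
  const callee = node.callee;
  if (!callee || callee.type !== "MemberExpression" || callee.computed) return "skip";
  if (!callee.property || !RAW_METHODS.has(callee.property.name)) return "skip";
  const root = rootIdentifier(callee.object);
  if (root === null) return "unknown";
  return knexNames.has(root) ? "check" : "skip";
}

// Constructed sample nodes.
const id = (name) => ({ type: "Identifier", name });
const member = (object, prop) => ({ type: "MemberExpression", object, property: id(prop), computed: false });
const call = (callee, ...args) => ({ type: "CallExpression", callee, arguments: args });

const samples = {
  "knex.raw(sql)": call(member(id("knex"), "raw"), id("sql")),
  "trx('users').whereRaw(sql)": call(member(call(id("trx"), id("t")), "whereRaw"), id("sql")),
  "String.raw(strings)": call(member(id("String"), "raw"), id("strings")),
  "this.db.raw(sql)": call(member(member({ type: "ThisExpression" }, "db"), "raw"), id("sql")),
  "page.drawText(text)": call(member(id("page"), "drawText"), id("text")),
};

function classifyAll() {
  return Object.fromEntries(Object.entries(samples).map(([src, n]) => [src, classifyRawCall(n)]));
}
console.log(classifyAll());
```

An aliased instance (`const db = knex; db.raw(sql)`) is classified "skip" here, which is the false-negative case that needs scope analysis rather than a name match.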