This release adds 1 notable feature for engineering teams evaluating rollout.
Published 2mo
Developer Productivity
✓ No known CVEs patched
✓ No known CVEs patched in this version
Topics
ai
ai-slop
ai-slop-detection
cli
code-quality
code-review
+13 more
developer-tools
go
javascript
linter
php
pre-commit
pull-request
python
quality-gate
ruby
rust
static-analysis
typescript
Affected surfaces
auth
Summary
AI summaryFixed false‑positive XSS detection of template.innerHTML and ensured aislop scan exits with code 1 on error‑severity diagnostics.
Full changelog
What's Changed
Fixed
- False positive:
template.innerHTMLno longer flagged as XSS —<template>elements are inert by spec and don't execute scripts (fixes #7) - Exit code:
aislop scannow exits with code 1 when error-severity diagnostics are found, fixing CI pipelines that depend on the exit code (fixes #8) - Self-detection of
innerHTMLpattern inrisky.tsvia string concatenation
Added
- 3 new security tests for template innerHTML exception (231 total)
Full Changelog: https://github.com/heavykenny/aislop/compare/v0.1.1...v0.1.2
What's Changed
- release: v0.1.2 by @heavykenny in https://github.com/heavykenny/aislop/pull/11
Full Changelog: https://github.com/heavykenny/aislop/compare/v0.1.1...v0.1.2
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About AISlop
All releases →Related context
Related tools
Beta — feedback welcome: [email protected]