You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With the recent news on attacks leveraging the non-ascii characters, implement a new analyzer that would flag such characters as suspicious, namely:
strings containing non-ascii characters
variable names and attribute names containing non-ascii characters
This should be preferably configurable in a config file as it can produce a lot of false-positives or uninteresting results in some codebases, for example to turn it off/on completely as well as setting a trigger for min and max occurence of non-ascii characters
The text was updated successfully, but these errors were encountered:
With the recent news on attacks leveraging the non-ascii characters, implement a new analyzer that would flag such characters as suspicious, namely:
This should be preferably configurable in a config file as it can produce a lot of false-positives or uninteresting results in some codebases, for example to turn it off/on completely as well as setting a trigger for min and max occurence of non-ascii characters
The text was updated successfully, but these errors were encountered: