From 5bf6497c682a488c4a50e0f07026bc38deac7294 Mon Sep 17 00:00:00 2001 From: Carles Capell Date: Wed, 25 Feb 2026 16:13:22 +0100 Subject: [PATCH] refactor(appsec): prefer optional chaining over guard expressions --- packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js | 2 +- packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js | 2 +- .../src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js | 2 +- .../sensitive-analyzers/command-sensitive-analyzer.js | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js b/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js index 06404d5941..63568fec97 100644 --- a/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js +++ b/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js @@ -39,7 +39,7 @@ class CookieAnalyzer extends Analyzer { } _checkOCE (context, value) { - if (value && value.location) { + if (value?.location) { return true } return super._checkOCE(context, value) diff --git a/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js b/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js index e3010cced0..912660997a 100644 --- a/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js +++ b/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js @@ -12,7 +12,7 @@ class SSRFAnalyzer extends InjectionAnalyzer { this.addSub('apm:http:client:request:start', ({ args }) => { if (typeof args.originalUrl === 'string') { this.analyze(args.originalUrl) - } else if (args.options && args.options.host) { + } else if (args.options?.host) { this.analyze(args.options.host) } }) diff --git a/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js b/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js index a8f8ac47c0..c6b619ec0e 100644 --- a/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js +++ b/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js @@ -36,7 +36,7 @@ class UnvalidatedRedirectAnalyzer extends InjectionAnalyzer { } isLocationHeader (name) { - return name && name.trim().toLowerCase() === 'location' + return name?.trim().toLowerCase() === 'location' } _isVulnerable (value, iastContext) { diff --git a/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/command-sensitive-analyzer.js b/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/command-sensitive-analyzer.js index 0be7f5679e..1602062254 100644 --- a/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/command-sensitive-analyzer.js +++ b/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/command-sensitive-analyzer.js @@ -10,7 +10,7 @@ module.exports = function extractSensitiveRanges (evidence) { pattern.lastIndex = 0 const regexResult = pattern.exec(evidence.value) - if (regexResult && regexResult.length > 1) { + if (regexResult?.length > 1) { const start = regexResult.index + (regexResult[0].length - regexResult[1].length) const end = start + regexResult[1].length return [{ start, end }]