8000 Merge pull request #19355 from tamasvajk/test/add-query-suite-tests · github/codeql@3437210 · GitHub
[go: up one dir, main page]
Skip to content

Commit 3437210

Browse files
tamasvajktamasvajk
authored
Merge pull request #19355 from tamasvajk/test/add-query-suite-tests
Add query suite integration tests for swift, actions, csharp, go, javascript, ruby, rust
2 parents ed69097 + 998e64b commit 3437210

File tree

44 files changed

+1765
-20
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

44 files changed

+1765
-20
lines changed

actions/ql/integration-tests/query-suite/actions-code-quality.qls.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+

actions/ql/integration-tests/query-suite/actions-code-scanning.qls.expected

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
2+
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
3+
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
4+
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
5+
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
6+
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
7+
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
8+
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
9+
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
10+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
11+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
12+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.ql
13+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
14+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
15+
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
16+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
17+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql

actions/ql/integration-tests/query-suite/actions-security-and-quality.qls.expected

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
ql/actions/ql/src/Debug/SyntaxError.ql
2+
ql/actions/ql/src/Models/CompositeActionsSinks.ql
3+
ql/actions/ql/src/Models/CompositeActionsSources.ql
4+
ql/actions/ql/src/Models/CompositeActionsSummaries.ql
5+
ql/actions/ql/src/Models/ReusableWorkflowsSinks.ql
6+
ql/actions/ql/src/Models/ReusableWorkflowsSources.ql
7+
ql/actions/ql/src/Models/ReusableWorkflowsSummaries.ql
8+
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
9+
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql
10+
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
11+
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql
12+
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
13+
ql/actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql
14+
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
15+
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
16+
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
17+
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
18+
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
19+
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
20+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
21+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
22+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.ql
23+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
24+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
25+
ql/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.ql
26+
ql/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.ql
27+
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
28+
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
29+
ql/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
30+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
31+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql
32+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.ql
33+
ql/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql

actions/ql/integration-tests/query-suite/actions-security-extended.qls.expected

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
2+
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql
3+
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
4+
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql
5+
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
6+
ql/actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql
7+
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
8+
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
9+
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
10+
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
11+
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
12+
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
13+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
14+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
15+
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.ql
16+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
17+
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
18+
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
19+
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
20+
ql/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
21 10000 +
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
22+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql
23+
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.ql

actions/ql/integration-tests/query-suite/not_included_in_qls.expected

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
ql/actions/ql/src/Debug/partial.ql
2+
ql/actions/ql/src/experimental/Security/CWE-074/OutputClobberingHigh.ql
3+
ql/actions/ql/src/experimental/Security/CWE-078/CommandInjectionCritical.ql
4+
ql/actions/ql/src/experimental/Security/CWE-078/CommandInjectionMedium.ql
5+
ql/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.ql
6+
ql/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.ql
7+
ql/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql
8+
ql/actions/ql/src/experimental/Security/CWE-284/CodeExecutionOnSelfHostedRunner.ql
9+
ql/actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
10+
ql/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.ql
11+
ql/actions/ql/src/experimental/Security/CWE-918/RequestForgery.ql

actions/ql/integration-tests/query-suite/test.py

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
import runs_on
2+
import pytest
3+
from query_suites import *
4+
5+
well_known_query_suites = ['actions-code-quality.qls', 'actions-security-and-quality.qls', 'actions-security-extended.qls', 'actions-code-scanning.qls']
6+
7+
@runs_on.posix
8+
@pytest.mark.parametrize("query_suite", well_known_query_suites)
9+
def test(codeql, actions, check_query_suite, query_suite):
10+
check_query_suite(query_suite)
11+
12+
@runs_on.posix
13+
def test_not_included_queries(codeql, actions, check_queries_not_included):
14+
check_queries_not_included('actions', well_known_query_suites)

csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
ql/csharp/ql/src/API Abuse/FormatInvalid.ql
2+
ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
3+
ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
4+
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
5+
ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
6+
ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
7+
ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
8+
ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
9+
ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
10+
ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
11+
ql/csharp/ql/src/Performance/UseTryGetValue.ql
12+
ql/csharp/ql/src/Useless code/DefaultToString.ql
13+
ql/csharp/ql/src/Useless code/IntGetHashCode.ql

csharp/ql/integration-tests/posix/query-suite/csharp-code-scanning.qls.expected

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
ql/csharp/ql/src/Diagnostics/CompilerError.ql
2+
ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
3+
ql/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql
4+
ql/csharp/ql/src/Diagnostics/ExtractedFiles.ql
5+
ql/csharp/ql/src/Diagnostics/ExtractorError.ql
6+
ql/csharp/ql/src/Diagnostics/ExtractorMessage.ql
7+
ql/csharp/ql/src/Metrics/Summaries/LinesOfCode.ql
8+
ql/csharp/ql/src/Security Features/CWE-011/ASPNetDebug.ql
9+
ql/csharp/ql/src/Security Features/CWE-016/ASPNetPagesValidateRequest.ql
10+
ql/csharp/ql/src/Security Features/CWE-022/TaintedPath.ql
11+
ql/csharp/ql/src/Security Features/CWE-022/ZipSlip.ql
12+
ql/csharp/ql/src/Security Features/CWE-078/CommandInjection.ql
13+
ql/csharp/ql/src/Security Features/CWE-079/XSS.ql
14+
ql/csharp/ql/src/Security Features/CWE-089/SqlInjection.ql
15+
ql/csharp/ql/src/Security Features/CWE-090/LDAPInjection.ql
16+
ql/csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
17+
ql/csharp/ql/src/Security Features/CWE-094/CodeInjection.ql
18+
ql/csharp/ql/src/Security Features/CWE-099/ResourceInjection.ql
19+
ql/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.ql
20+
ql/csharp/ql/src/Security Features/CWE-117/LogForging.ql
21+
ql/csharp/ql/src/Security Features/CWE-119/LocalUnvalidatedArithmetic.ql
22+
ql/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
23+
ql/csharp/ql/src/Security Features/CWE-201/ExposureInTransmittedData.ql
24+
ql/csharp/ql/src/Security Features/CWE-209/ExceptionInformationExposure.ql
25+
ql/csharp/ql/src/Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql
26+
ql/csharp/ql/src/Security Features/CWE-312/CleartextStorage.ql
27+
ql/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql
28+
ql/csharp/ql/src/Security Features/CWE-359/ExposureOfPrivateInformation.ql
29+
ql/csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
30+
ql/csharp/ql/src/Security Features/CWE-451/MissingXFrameOptions.ql
31+
ql/csharp/ql/src/Security Features/CWE-502/DeserializedDelegate.ql
32+
ql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInp 179B ut.ql
33+
ql/csharp/ql/src/Security Features/CWE-548/ASPNetDirectoryListing.ql
34+
ql/csharp/ql/src/Security Features/CWE-601/UrlRedirect.ql
35+
ql/csharp/ql/src/Security Features/CWE-611/UntrustedDataInsecureXml.ql
36+
ql/csharp/ql/src/Security Features/CWE-614/RequireSSL.ql
37+
ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
38+
ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
39+
ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
40+
ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
41+
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
42+
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
43+
ql/csharp/ql/src/Security Features/Encryption using ECB.ql
44+
ql/csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
45+
ql/csharp/ql/src/Security Features/InadequateRSAPadding.ql
46+
ql/csharp/ql/src/Security Features/InsecureRandomness.ql
47+
ql/csharp/ql/src/Security Features/InsufficientKeySize.ql
48+
ql/csharp/ql/src/Security Features/PersistentCookie.ql
49+
ql/csharp/ql/src/Security Features/WeakEncryption.ql
50+
ql/csharp/ql/src/Telemetry/DatabaseQualityDiagnostics.ql
51+
ql/csharp/ql/src/Telemetry/ExternalLibraryUsage.ql
52+
ql/csharp/ql/src/Telemetry/ExtractorInformation.ql
53+
ql/csharp/ql/src/Telemetry/SupportedExternalApis.ql
54+
ql/csharp/ql/src/Telemetry/SupportedExternalSinks.ql
55+
ql/csharp/ql/src/Telemetry/SupportedExternalSources.ql
56+
ql/csharp/ql/src/Telemetry/SupportedExternalTaint.ql
57+
ql/csharp/ql/src/Telemetry/UnsupportedExternalAPIs.ql

csharp/ql/integration-tests/posix/query-suite/csharp-security-and-quality.qls.expected

Lines changed: 173 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,173 @@
1+
ql/csharp/ql/src/API Abuse/CallToGCCollect.ql
2+
ql/csharp/ql/src/API Abuse/CallToObsoleteMethod.ql
3+
ql/csharp/ql/src/API Abuse/ClassDoesNotImplementEquals.ql
4+
ql/csharp/ql/src/API Abuse/ClassImplementsICloneable.ql
5+
ql/csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql
6+
ql/csharp/ql/src/API Abuse/FormatInvalid.ql
7+
ql/csharp/ql/src/API Abuse/InconsistentEqualsGetHashCode.ql
8+
ql/csharp/ql/src/API Abuse/IncorrectCompareToSignature.ql
9+
ql/csharp/ql/src/API Abuse/IncorrectEqualsSignature.ql
10+
ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
11+
ql/csharp/ql/src/API Abuse/NullArgumentToEquals.ql
12+
ql/csharp/ql/src/ASP/BlockCodeResponseWrite.ql
13+
ql/csharp/ql/src/Architecture/Refactoring Opportunities/InappropriateIntimacy.ql
14+
ql/csharp/ql/src/Bad Practices/CallsUnmanagedCode.ql
15+
ql/csharp/ql/src/Bad Practices/CatchOfNullReferenceException.ql
16+
ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
17+
ql/csharp/ql/src/Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql
18+
ql/csharp/ql/src/Bad Practices/Declarations/TooManyRefParameters.ql
19+
ql/csharp/ql/src/Bad Practices/EmptyCatchBlock.ql
20+
ql/csharp/ql/src/Bad Practices/ErroneousClassCompare.ql
21+
ql/csharp/ql/src/Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql
22+
ql/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql
23+
ql/csharp/ql/src/Bad Practices/Naming Conventions/FieldMasksSuperField.ql
24+
ql/csharp/ql/src/Bad Practices/Naming Conventions/SameNameAsSuper.ql
25+
ql/csharp/ql/src/Bad Practices/PathCombine.ql
26+
ql/csharp/ql/src/Bad Practices/UnmanagedCodeCheck.ql
27+
ql/csharp/ql/src/Bad Practices/VirtualCallInConstructorOrDestructor.ql
28+
ql/csharp/ql/src/CSI/CompareIdenticalValues.ql
29+
ql/csharp/ql/src/CSI/NullAlways.ql
30+
ql/csharp/ql/src/CSI/NullMaybe.ql
31+
ql/csharp/ql/src/Complexity/BlockWithTooManyStatements.ql
32+
ql/csharp/ql/src/Complexity/ComplexCondition.ql
33+
ql/csharp/ql/src/Concurrency/FutileSyncOnField.ql
34+
ql/csharp/ql/src/Concurrency/LockOrder.ql
35+
ql/csharp/ql/src/Concurrency/LockThis.ql
36+
ql/csharp/ql/src/Concurrency/LockedWait.ql
37+
ql/csharp/ql/src/Concurrency/SynchSetUnsynchGet.ql
38+
ql/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
39+
ql/csharp/ql/src/Concurrency/UnsynchronizedStaticAccess.ql
40+
ql/csharp/ql/src/Configuration/EmptyPasswordInConfigurationFile.ql
41+
ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
42+
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
43+
ql/csharp/ql/src/Diagnostics/CompilerError.ql
44+
ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
45+
ql/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql
46+
ql/csharp/ql/src/Diagnostics/ExtractedFiles.ql
47+
ql/csharp/ql/src/Diagnostics/ExtractorError.ql
48+
ql/csharp/ql/src/Diagnostics/ExtractorMessage.ql
49+
ql/csharp/ql/src/Documentation/XmldocMissingSummary.ql
50+
ql/csharp/ql/src/Input Validation/UseOfFileUpload.ql
51+
ql/csharp/ql/src/Input Validation/ValueShadowing.ql
52+
ql/csharp/ql/src/Input Validation/ValueShadowingServerVariable.ql
53+
ql/csharp/ql/src/Language Abuse/CastThisToTypeParameter.ql
54+
ql/csharp/ql/src/Language Abuse/CatchOfGenericException.ql
55+
ql/csharp/ql/src/Language Abuse/ChainedIs.ql
56+
ql/csharp/ql/src/Language Abuse/DubiousDowncastOfThis.ql
57+
ql/csharp/ql/src/Language Abuse/DubiousTypeTestOfThis.ql
58+
ql/csharp/ql/src/Language Abuse/MissedReadonlyOpportunity.ql
59+
ql/csharp/ql/src/Language Abuse/MissedTernaryOpportunity.ql
60+
ql/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql
61+
ql/csharp/ql/src/Language Abuse/NestedIf.ql
62+
ql/csharp/ql/src/Language Abuse/RethrowException.ql
63+
ql/csharp/ql/src/Language Abuse/SimplifyBoolExpr.ql
64+
ql/csharp/ql/src/Language Abuse/UnusedPropertyValue.ql
65+
ql/csharp/ql/src/Language Abuse/UselessCastToSelf.ql
66+
ql/csharp/ql/src/Language Abuse/UselessNullCoalescingExpression.ql
67+
ql/csharp/ql/src/Language Abuse/UselessTypeTest.ql
68+
ql/csharp/ql/src/Language Abuse/UselessUpcast.ql
69+
ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
70+
ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
71+
ql/csharp/ql/src/Likely Bugs/Collections/ReadOnlyContainer.ql
72+
ql/csharp/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql
73+
ql/csharp/ql/src/Likely Bugs/ConstantComparison.ql
74+
ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
75+
ql/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql
76+
ql/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql
77+
ql/csharp/ql/src/Likely Bugs/EqualsArray.ql
78+
ql/csharp/ql/src/Likely Bugs/EqualsUsesAs.ql
79+
ql/csharp/ql/src/Likely Bugs/EqualsUsesIs.ql
80+
ql/csharp/ql/src/Likely Bugs/HashedButNoHash.ql
81+
ql/csharp/ql/src/Likely Bugs/ImpossibleArrayCast.ql
82+
ql/csharp/ql/src/Likely Bugs/IncomparableEquals.ql
83+
ql/csharp/ql/src/Likely Bugs/InconsistentCompareTo.ql
84+
ql/csharp/ql/src/Likely Bugs/LeapYear/UnsafeYearConstruction.ql
85+
ql/csharp/ql/src/Likely Bugs/MishandlingJapaneseEra.ql
86+
ql/csharp/ql/src/Likely Bugs/NestedLoopsSameVariable.ql
87+
ql/csharp/ql/src/Likely Bugs/ObjectComparison.ql
88+
ql/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql
89+
ql/csharp/ql/src/Likely Bugs/RecursiveEquals.ql
90+
ql/csharp/ql/src/Likely Bugs/RecursiveOperatorEquals.ql
91+
ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
92+
ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
93+
ql/csharp/ql/src/Likely Bugs/Statements/EmptyBlock.ql
94+
ql/csharp/ql/src/Likely Bugs/Statements/EmptyLockStatement.ql
95+
ql/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql
96+
ql/csharp/ql/src/Likely Bugs/StaticFieldWrittenByInstance.ql
97+
ql/csharp/ql/src/Likely Bugs/StringBuilderCharInit.ql
98+
ql/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransform.ql
99+
ql/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql
100+
ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
101+
ql/csharp/ql/src/Linq/BadMultipleIteration.ql
102+
ql/csharp/ql/src/Linq/MissedAllOpportunity.ql
103+
ql/csharp/ql/src/Linq/MissedCastOpportunity.ql
104+
ql/csharp/ql/src/Linq/MissedOfTypeOpportunity.ql
105+
ql/csharp/ql/src/Linq/MissedSelectOpportunity.ql
106+
ql/csharp/ql/src/Linq/MissedWhereOpportunity.ql
107+
ql/csharp/ql/src/Linq/RedundantSelect.ql
108+
ql/csharp/ql/src/Metrics/Summaries/LinesOfCode.ql
109+
ql/csharp/ql/src/Performance/StringBuilderInLoop.ql
110+
ql/csharp/ql/src/Performance/StringConcatenationInLoop.ql
111+
ql/csharp/ql/src/Performance/UseTryGetValue.ql
112+
ql/csharp/ql/src/Security Features/CWE-011/ASPNetDebug.ql
113+
ql/csharp/ql/src/Security Features/CWE-016/ASPNetPagesValidateRequest.ql
114+
ql/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypass.ql
115+
ql/csharp/ql/src/Security Features/CWE-022/TaintedPath.ql
116+
ql/csharp/ql/src/Security Features/CWE-022/ZipSlip.ql
117+
ql/csharp/ql/src/Security Features/CWE-078/CommandInjection.ql
118+
ql/csharp/ql/src/Security Features/CWE-079/XSS.ql
119+
ql/csharp/ql/src/Security Features/CWE-089/SqlInjection.ql
120+
ql/csharp/ql/src/Security Features/CWE-090/LDAPInjection.ql
121+
ql/csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
122+
ql/csharp/ql/src/Security Features/CWE-094/CodeInjection.ql
123+
ql/csharp/ql/src/Security Features/CWE-099/ResourceInjection.ql
124+
ql/csharp/ql/src/Security Features/CWE-112/MissingXMLValidation.ql
125+
ql/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.ql
126+
ql/csharp/ql/src/Security Features/CWE-117/LogForging.ql
127+
ql/csharp/ql/src/Security Features/CWE-119/LocalUnvalidatedArithmetic.ql
128+
ql/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
129+
ql/csharp/ql/src/Security Features/CWE-201/ExposureInTransmittedData.ql
130+
ql/csharp/ql/src/Security Features/CWE-209/ExceptionInformationExposure.ql
131+
ql/csharp/ql/src/Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql
132+
ql/csharp/ql/src/Security Features/CWE-285/MissingAccessControl.ql
133+
ql/csharp/ql/src/Security Features/CWE-312/CleartextStorage.ql
134+
ql/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
135+
ql/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql
136+
ql/csharp/ql/src/Security Features/CWE-359/ExposureOfPrivateInformation.ql
137+
ql/csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
138+
ql/csharp/ql/src/Security Features/CWE-451/MissingXFrameOptions.ql
139+
ql/csharp/ql/src/Security Features/CWE-502/DeserializedDelegate.ql
140+
ql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
141+
ql/csharp/ql/src/Security Features/CWE-548/ASPNetDirectoryListing.ql
142+
ql/csharp/ql/src/Security Features/CWE-601/UrlRedirect.ql
143+
ql/csharp/ql/src/Security Features/CWE-611/UntrustedDataInsecureXml.ql
144+
ql/csharp/ql/src/Security Features/CWE-614/RequireSSL.ql
145+
ql/csharp/ql/src/Security Features/CWE-639/InsecureDirectObjectReference.ql
146+
ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
147+
ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
148+
ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
149+
ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
150+
ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
151+
ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
152+
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
153+
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
154+
ql/csharp/ql/src/Security Features/Encryption using ECB.ql
155+
ql/csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
156+
ql/csharp/ql/src/Security Features/InadequateRSAPadding.ql
157+
ql/csharp/ql/src/Security Features/InsecureRandomness.ql
158+
ql/csharp/ql/src/Security Features/InsufficientKeySize.ql
159+
ql/csharp/ql/src/Security Features/PersistentCookie.ql
160+
ql/csharp/ql/src/Security Features/WeakEncryption.ql
161+
ql/csharp/ql/src/Telemetry/DatabaseQualityDiagnostics.ql
162+
ql/csharp/ql/src/Telemetry/ExternalLibraryUsage.ql
163+
ql/csharp/ql/src/Telemetry/ExtractorInformation.ql
164+
ql/csharp/ql/src/Telemetry/SupportedExternalApis.ql
165+
ql/csharp/ql/src/Telemetry/SupportedExternalSinks.ql
166+
ql/csharp/ql/src/Telemetry/SupportedExternalSources.ql
167+
ql/csharp/ql/src/Telemetry/SupportedExternalTaint.ql
168+
ql/csharp/ql/src/Telemetry/UnsupportedExternalAPIs.ql
169+
ql/csharp/ql/src/Useless code/DefaultToString.ql
170+
ql/csharp/ql/src/Useless code/FutileConditional.ql
171+
ql/csharp/ql/src/Useless code/IntGetHashCode.ql
172+
ql/csharp/ql/src/Useless code/RedundantToStringCall.ql
173+
ql/csharp/ql/src/Useless code/UnusedLabel.ql

0 commit comments

Comments
 (0)
0