8000 Add query suite integration tests for swift, actions, csharp, go, javascript, ruby, rust by tamasvajk · Pull Request #19355 · github/codeql · GitHub
[go: up one dir, main page]
Skip to content

Add query suite integration tests for swift, actions, csharp, go, javascript, ruby, rust #19355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Apr 25, 2025
Merged

Add query suite integration tests for swift, actions, csharp, go, javascript, ruby, rust #19355

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4c9aee2
Add query suite tests for swift with shared logic
tamasvajk Apr 23, 2025
522dd51
Improve query suite test based on feedback
tamasvajk Apr 24, 2025
a4a2447
Add query suite inclusion tests for actions, csharp, go, javascript, …
tamasvajk Apr 24, 2025
c54b684
Apply suggestions from code review - code quality improvements
tamasvajk Apr 24, 2025
998e64b
Fix failing C# test
tamasvajk Apr 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add query suite inclusion tests for actions, csharp, go, javascript, … 
…ruby, rust
  • Loading branch information
@tamasvajk
tamasvajk committed Apr 25, 2025
commit a4a24470c864553f7599060b90fb30bc0a2c40c8
1 change: 1 addition & 0 deletions actions/ql/integration-tests/query-suite/actions-code-quality.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

17 changes: 17 additions & 0 deletions actions/ql/integration-tests/query-suite/actions-code-scanning.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql
33 changes: 33 additions & 0 deletions actions/ql/integration-tests/query-suite/actions-security-and-quality.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
ql/actions/ql/src/Debug/SyntaxError.ql
ql/actions/ql/src/Models/CompositeActionsSinks.ql
ql/actions/ql/src/Models/CompositeActionsSources.ql
ql/actions/ql/src/Models/CompositeActionsSummaries.ql
ql/actions/ql/src/Models/ReusableWorkflowsSinks.ql
ql/actions/ql/src/Models/ReusableWorkflowsSources.ql
ql/actions/ql/src/Models/ReusableWorkflowsSummaries.ql
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
ql/actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonabl D856 eStep.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
ql/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.ql
ql/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.ql
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
ql/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.ql
ql/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.ql
23 changes: 23 additions & 0 deletions actions/ql/integration-tests/query-suite/actions-security-extended.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.ql
ql/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.ql
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.ql
ql/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.ql
ql/actions/ql/src/Security/CWE-094/CodeInjectionCritical.ql
ql/actions/ql/src/Security/CWE-094/CodeInjectionMedium.ql
ql/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.ql
ql/actions/ql/src/Security/CWE-275/MissingActionsPermissions.ql
ql/actions/ql/src/Security/CWE-285/ImproperAccessControl.ql
ql/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.ql
ql/actions/ql/src/Security/CWE-312/SecretsInArtifacts.ql
ql/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.ql
ql/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.ql
ql/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.ql
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.ql
ql/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.ql
ql/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.ql
ql/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.ql
11 changes: 11 additions & 0 deletions actions/ql/integration-tests/query-suite/not_included_in_qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
ql/actions/ql/src/Debug/partial.ql
ql/actions/ql/src/experimental/Security/CWE-074/OutputClobberingHigh.ql
ql/actions/ql/src/experimental/Security/CWE-078/CommandInjectionCritical.ql
ql/actions/ql/src/experimental/Security/CWE-078/CommandInjectionMedium.ql
ql/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.ql
ql/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.ql
ql/actions/ql/src/experimental/Security/CWE-200/SecretExfiltration.ql
ql/actions/ql/src/experimental/Security/CWE-284/CodeExecutionOnSelfHostedRunner.ql
ql/actions/ql/src/experimental/Security/CWE-829/ArtifactPoisoningPathTraversal.ql
ql/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.ql
ql/actions/ql/src/experimental/Security/CWE-918/RequestForgery.ql
14 changes: 14 additions & 0 deletions actions/ql/integration-tests/query-suite/test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
import runs_on
import pytest
from query_suites import *

well_known_query_suites = ['actions-code-quality.qls', 'actions-security-and-quality.qls', 'actions-security-extended.qls', 'actions-code-scanning.qls']

@runs_on.posix
@pytest.mark.parametrize(&q F438 uot;query_suite", well_known_query_suites)
def test(codeql, actions, check_query_suite, query_suite):
check_query_suite(query_suite)

@runs_on.posix
def test_not_included_queries(codeql, actions, check_queries_not_included):
check_queries_not_included('actions', well_known_query_suites)
12 changes: 12 additions & 0 deletions csharp/ql/integration-tests/posix/query-suite/csharp-code-quality.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
ql/csharp/ql/src/Performance/UseTryGetValue.ql
ql/csharp/ql/src/Useless code/DefaultToString.ql
ql/csharp/ql/src/Useless code/IntGetHashCode.ql
57 changes: 57 additions & 0 deletions csharp/ql/integration-tests/posix/query-suite/csharp-code-scanning.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
ql/csharp/ql/src/Diagnostics/CompilerError.ql
ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
ql/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql
ql/csharp/ql/src/Diagnostics/ExtractedFiles.ql
ql/csharp/ql/src/Diagnostics/ExtractorError.ql
ql/csharp/ql/src/Diagnostics/ExtractorMessage.ql
ql/csharp/ql/src/Metrics/Summaries/LinesOfCode.ql
ql/csharp/ql/src/Security Features/CWE-011/ASPNetDebug.ql
ql/csharp/ql/src/Security Features/CWE-016/ASPNetPagesValidateRequest.ql
ql/csharp/ql/src/Security Features/CWE-022/TaintedPath.ql
ql/csharp/ql/src/Security Features/CWE-022/ZipSlip.ql
ql/csharp/ql/src/Security Features/CWE-078/CommandInjection.ql
ql/csharp/ql/src/Security Features/CWE-079/XSS.ql
ql/csharp/ql/src/Security Features/CWE-089/SqlInjection.ql
ql/csharp/ql/src/Security Features/CWE-090/LDAPInjection.ql
ql/csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
ql/csharp/ql/src/Security Features/CWE-094/CodeInjection.ql
ql/csharp/ql/src/Security Features/CWE-099/ResourceInjection.ql
ql/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.ql
ql/csharp/ql/src/Security Features/CWE-117/LogForging.ql
ql/csharp/ql/src/Security Features/CWE-119/LocalUnvalidatedArithmetic.ql
ql/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
ql/csharp/ql/src/Security Features/CWE-201/ExposureInTransmittedData.ql
ql/csharp/ql/src/Security Features/CWE-209/ExceptionInformationExposure.ql
ql/csharp/ql/src/Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql
ql/csharp/ql/src/Security Features/CWE-312/CleartextStorage.ql
ql/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql
ql/csharp/ql/src/Security Features/CWE-359/ExposureOfPrivateInformation.ql
ql/csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
ql/csharp/ql/src/Security Features/CWE-451/MissingXFrameOptions.ql
ql/csharp/ql/src/Security Features/CWE-502/DeserializedDelegate.ql
ql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
ql/csharp/ql/src/Security Features/CWE-548/ASPNetDirectoryListing.ql
ql/csharp/ql/src/Security Features/CWE-601/UrlRedirect.ql
ql/csharp/ql/src/Security Features/CWE-611/UntrustedDataInsecureXml.ql
ql/csharp/ql/src/Security Features/CWE-614/RequireSSL.ql
ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
ql/csharp/ql/src/Security Features/Encryption using ECB.ql
ql/csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
ql/csharp/ql/src/Security Features/InadequateRSAPadding.ql
ql/csharp/ql/src/Security Features/InsecureRandomness.ql
ql/csharp/ql/src/Security Features/InsufficientKeySize.ql
ql/csharp/ql/src/Security Features/PersistentCookie.ql
ql/csharp/ql/src/Security Features/WeakEncryption.ql
ql/csharp/ql/src/Telemetry/DatabaseQualityDiagnostics.ql
ql/csharp/ql/src/Telemetry/ExternalLibraryUsage.ql
ql/csharp/ql/src/Telemetry/ExtractorInformation.ql
ql/csharp/ql/src/Telemetry/SupportedExternalApis.ql
ql/csharp/ql/src/Telemetry/SupportedExternalSinks.ql
ql/csharp/ql/src/Telemetry/SupportedExternalSources.ql
ql/csharp/ql/src/Telemetry/SupportedExternalTaint.ql
ql/csharp/ql/src/Telemetry/UnsupportedExternalAPIs.ql
173 changes: 173 additions & 0 deletions csharp/ql/integration-tests/posix/query-suite/csharp-security-and-quality.qls.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,173 @@
ql/csharp/ql/src/API Abuse/CallToGCCollect.ql
ql/csharp/ql/src/API Abuse/CallToObsoleteMethod.ql
ql/csharp/ql/src/API Abuse/ClassDoesNotImplementEquals.ql
ql/csharp/ql/src/API Abuse/ClassImplementsICloneable.ql
ql/csharp/ql/src/API Abuse/DisposeNotCalledOnException.ql
ql/csharp/ql/src/API Abuse/FormatInvalid.ql
ql/csharp/ql/src/API Abuse/InconsistentEqualsGetHashCode.ql
ql/csharp/ql/src/API Abuse/IncorrectCompareToSignature.ql
ql/csharp/ql/src/API Abuse/IncorrectEqualsSignature.ql
ql/csharp/ql/src/API Abuse/NoDisposeCallOnLocalIDisposable.ql
ql/csharp/ql/src/API Abuse/NullArgumentToEquals.ql
ql/csharp/ql/src/ASP/BlockCodeResponseWrite.ql
ql/csharp/ql/src/Architecture/Refactoring Opportunities/InappropriateIntimacy.ql
ql/csharp/ql/src/Bad Practices/CallsUnmanagedCode.ql
ql/csharp/ql/src/Bad Practices/CatchOfNullReferenceException.ql
ql/csharp/ql/src/Bad Practices/Control-Flow/ConstantCondition.ql
ql/csharp/ql/src/Bad Practices/Declarations/LocalScopeVariableShadowsMember.ql
ql/csharp/ql/src/Bad Practices/Declarations/TooManyRefParameters.ql
ql/csharp/ql/src/Bad Practices/EmptyCatchBlock.ql
ql/csharp/ql/src/Bad Practices/ErroneousClassCompare.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/AbstractToConcreteCollection.ql
ql/csharp/ql/src/Bad Practices/Implementation Hiding/ExposeRepresentation.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/FieldMasksSuperField.ql
ql/csharp/ql/src/Bad Practices/Naming Conventions/SameNameAsSuper.ql
ql/csharp/ql/src/Bad Practices/PathCombine.ql
ql/csharp/ql/src/Bad Practices/UnmanagedCodeCheck.ql
ql/csharp/ql/src/Bad Practices/VirtualCallInConstructorOrDestructor.ql
ql/csharp/ql/src/CSI/CompareIdenticalValues.ql
ql/csharp/ql/src/CSI/NullAlways.ql
ql/csharp/ql/src/CSI/NullMaybe.ql
ql/csharp/ql/src/Complexity/BlockWithTooManyStatements.ql
ql/csharp/ql/src/Complexity/ComplexCondition.ql
ql/csharp/ql/src/Concurrency/FutileSyncOnField.ql
ql/csharp/ql/src/Concurrency/LockOrder.ql
ql/csharp/ql/src/Concurrency/LockThis.ql
ql/csharp/ql/src/Concurrency/LockedWait.ql
ql/csharp/ql/src/Concurrency/SynchSetUnsynchGet.ql
ql/csharp/ql/src/Concurrency/UnsafeLazyInitialization.ql
ql/csharp/ql/src/Concurrency/UnsynchronizedStaticAccess.ql
ql/csharp/ql/src/Configuration/EmptyPasswordInConfigurationFile.ql
ql/csharp/ql/src/Configuration/PasswordInConfigurationFile.ql
ql/csharp/ql/src/Dead Code/DeadStoreOfLocal.ql
ql/csharp/ql/src/Diagnostics/CompilerError.ql
ql/csharp/ql/src/Diagnostics/CompilerMessage.ql
ql/csharp/ql/src/Diagnostics/DiagnosticExtractionErrors.ql
ql/csharp/ql/src/Diagnostics/ExtractedFiles.ql
ql/csharp/ql/src/Diagnostics/ExtractorError.ql
ql/csharp/ql/src/Diagnostics/ExtractorMessage.ql
ql/csharp/ql/src/Documentation/XmldocMissingSummary.ql
ql/csharp/ql/src/Input Validation/UseOfFileUpload.ql
ql/csharp/ql/src/Input Validation/ValueShadowing.ql
ql/csharp/ql/src/Input Validation/ValueShadowingServerVariable.ql
ql/csharp/ql/src/Language Abuse/CastThisToTypeParameter.ql
ql/csharp/ql/src/Language Abuse/CatchOfGenericException.ql
ql/csharp/ql/src/Language Abuse/ChainedIs.ql
ql/csharp/ql/src/Language Abuse/DubiousDowncastOfThis.ql
ql/csharp/ql/src/Language Abuse/DubiousTypeTestOfThis.ql
ql/csharp/ql/src/Language Abuse/MissedReadonlyOpportunity.ql
ql/csharp/ql/src/Language Abuse/MissedTernaryOpportunity.ql
ql/csharp/ql/src/Language Abuse/MissedUsingOpportunity.ql
ql/csharp/ql/src/Language Abuse/NestedIf.ql
ql/csharp/ql/src/Language Abuse/RethrowException.ql
ql/csharp/ql/src/Language Abuse/SimplifyBoolExpr.ql
ql/csharp/ql/src/Language Abuse/UnusedPropertyValue.ql
ql/csharp/ql/src/Language Abuse/UselessCastToSelf.ql
ql/csharp/ql/src/Language Abuse/UselessNullCoalescingExpression.ql
ql/csharp/ql/src/Language Abuse/UselessTypeTest.ql
ql/csharp/ql/src/Language Abuse/UselessUpcast.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerLengthCmpOffByOne.ql
ql/csharp/ql/src/Likely Bugs/Collections/ContainerSizeCmpZero.ql
ql/csharp/ql/src/Likely Bugs/Collections/ReadOnlyContainer.ql
ql/csharp/ql/src/Likely Bugs/Collections/WriteOnlyContainer.ql
ql/csharp/ql/src/Likely Bugs/ConstantComparison.ql
ql/csharp/ql/src/Likely Bugs/DangerousNonShortCircuitLogic.ql
ql/csharp/ql/src/Likely Bugs/Dynamic/BadDynamicCall.ql
ql/csharp/ql/src/Likely Bugs/EqualityCheckOnFloats.ql
ql/csharp/ql/src/Likely Bugs/EqualsArray.ql
ql/csharp/ql/src/Likely Bugs/EqualsUsesAs.ql
ql/csharp/ql/src/Likely Bugs/EqualsUsesIs.ql
ql/csharp/ql/src/Likely Bugs/HashedButNoHash.ql
ql/csharp/ql/src/Likely Bugs/ImpossibleArrayCa 10000 st.ql
ql/csharp/ql/src/Likely Bugs/IncomparableEquals.ql
ql/csharp/ql/src/Likely Bugs/InconsistentCompareTo.ql
ql/csharp/ql/src/Likely Bugs/LeapYear/UnsafeYearConstruction.ql
ql/csharp/ql/src/Likely Bugs/MishandlingJapaneseEra.ql
ql/csharp/ql/src/Likely Bugs/NestedLoopsSameVariable.ql
ql/csharp/ql/src/Likely Bugs/ObjectComparison.ql
ql/csharp/ql/src/Likely Bugs/PossibleLossOfPrecision.ql
ql/csharp/ql/src/Likely Bugs/RecursiveEquals.ql
ql/csharp/ql/src/Likely Bugs/RecursiveOperatorEquals.ql
ql/csharp/ql/src/Likely Bugs/ReferenceEqualsOnValueTypes.ql
ql/csharp/ql/src/Likely Bugs/SelfAssignment.ql
ql/csharp/ql/src/Likely Bugs/Statements/EmptyBlock.ql
ql/csharp/ql/src/Likely Bugs/Statements/EmptyLockStatement.ql
ql/csharp/ql/src/Likely Bugs/Statements/UseBraces.ql
ql/csharp/ql/src/Likely Bugs/StaticFieldWrittenByInstance.ql
ql/csharp/ql/src/Likely Bugs/StringBuilderCharInit.ql
ql/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransform.ql
ql/csharp/ql/src/Likely Bugs/ThreadUnsafeICryptoTransformLambda.ql
ql/csharp/ql/src/Likely Bugs/UncheckedCastInEquals.ql
ql/csharp/ql/src/Linq/BadMultipleIteration.ql
ql/csharp/ql/src/Linq/MissedAllOpportunity.ql
ql/csharp/ql/src/Linq/MissedCastOpportunity.ql
ql/csharp/ql/src/Linq/MissedOfTypeOpportunity.ql
ql/csharp/ql/src/Linq/MissedSelectOpportunity.ql
ql/csharp/ql/src/Linq/MissedWhereOpportunity.ql
ql/csharp/ql/src/Linq/RedundantSelect.ql
ql/csharp/ql/src/Metrics/Summaries/LinesOfCode.ql
ql/csharp/ql/src/Performance/StringBuilderInLoop.ql
ql/csharp/ql/src/Performance/StringConcatenationInLoop.ql
ql/csharp/ql/src/Performance/UseTryGetValue.ql
ql/csharp/ql/src/Security Features/CWE-011/ASPNetDebug.ql
ql/csharp/ql/src/Security Features/CWE-016/ASPNetPagesValidateRequest.ql
ql/csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypass.ql
ql/csharp/ql/src/Security Features/CWE-022/TaintedPath.ql
ql/csharp/ql/src/Security Features/CWE-022/ZipSlip.ql
ql/csharp/ql/src/Security Features/CWE-078/CommandInjection.ql
ql/csharp/ql/src/Security Features/CWE-079/XSS.ql
ql/csharp/ql/src/Security Features/CWE-089/SqlInjection.ql
ql/csharp/ql/src/Security Features/CWE-090/LDAPInjection.ql
ql/csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
ql/csharp/ql/src/Security Features/CWE-094/CodeInjection.ql
ql/csharp/ql/src/Security Features/CWE-099/ResourceInjection.ql
ql/csharp/ql/src/Security Features/CWE-112/MissingXMLValidation.ql
ql/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.ql
ql/csharp/ql/src/Security Features/CWE-117/LogForging.ql
ql/csharp/ql/src/Security Features/CWE-119/LocalUnvalidatedArithmetic.ql
ql/csharp/ql/src/Security Features/CWE-134/UncontrolledFormatString.ql
ql/csharp/ql/src/Security Features/CWE-201/ExposureInTransmittedData.ql
ql/csharp/ql/src/Security Features/CWE-209/ExceptionInformationExposure.ql
ql/csharp/ql/src/Security Features/CWE-248/MissingASPNETGlobalErrorHandler.ql
ql/csharp/ql/src/Security Features/CWE-285/MissingAccessControl.ql
ql/csharp/ql/src/Security Features/CWE-312/CleartextStorage.ql
ql/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
ql/csharp/ql/src/Security Features/CWE-352/MissingAntiForgeryTokenValidation.ql
ql/csharp/ql/src/Security Features/CWE-359/ExposureOfPrivateInformation.ql
ql/csharp/ql/src/Security Features/CWE-384/AbandonSession.ql
ql/csharp/ql/src/Security Features/CWE-451/MissingXFrameOptions.ql
ql/csharp/ql/src/Security Features/CWE-502/DeserializedDelegate.ql
ql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserializationUntrustedInput.ql
ql/csharp/ql/src/Security Features/CWE-548/ASPNetDirectoryListing.ql
ql/csharp/ql/src/Security Features/CWE-601/UrlRedirect.ql
ql/csharp/ql/src/Security Features/CWE-611/UntrustedDataInsecureXml.ql
ql/csharp/ql/src/Security Features/CWE-614/RequireSSL.ql
ql/csharp/ql/src/Security Features/CWE-639/InsecureDirectObjectReference.ql
ql/csharp/ql/src/Security Features/CWE-643/XPathInjection.ql
ql/csharp/ql/src/Security Features/CWE-730/ReDoS.ql
ql/csharp/ql/src/Security Features/CWE-730/RegexInjection.ql
ql/csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql
ql/csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql
ql/csharp/ql/src/Security Features/CWE-807/ConditionalBypass.ql
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadDomain.ql
ql/csharp/ql/src/Security Features/CookieWithOverlyBroadPath.ql
ql/csharp/ql/src/Security Features/Encryption using ECB.ql
ql/csharp/ql/src/Security Features/HeaderCheckingDisabled.ql
ql/csharp/ql/src/Security Features/InadequateRSAPadding.ql
ql/csharp/ql/src/Security Features/InsecureRandomness.ql
ql/csharp/ql/src/Security Features/InsufficientKeySize.ql
ql/csharp/ql/src/Security Features/PersistentCookie.ql
ql/csharp/ql/src/Security Features/WeakEncryption.ql
ql/csharp/ql/src/Telemetry/DatabaseQualityDiagnostics.ql
ql/csharp/ql/src/Telemetry/ExternalLibraryUsage.ql
ql/csharp/ql/src/Telemetry/ExtractorInformation.ql
ql/csharp/ql/src/Telemetry/SupportedExternalApis.ql
ql/csharp/ql/src/Telemetry/SupportedExternalSinks.ql
ql/csharp/ql/src/Telemetry/SupportedExternalSources.ql
ql/csharp/ql/src/Telemetry/SupportedExternalTaint.ql
ql/csharp/ql/src/Telemetry/UnsupportedExternalAPIs.ql
ql/csharp/ql/src/Useless code/DefaultToString.ql
ql/csharp/ql/src/Useless code/FutileConditional.ql
ql/csharp/ql/src/Useless code/IntGetHashCode.ql
ql/csharp/ql/src/Useless code/RedundantToStringCall.ql
ql/csharp/ql/src/Useless code/UnusedLabel.ql
Loading
0