From 10bb88825eb6438c1b4ad976f926fe5d18d547ae Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Thu, 26 Jun 2025 14:51:14 +0100
Subject: [PATCH] Add full stop at the end of each reference
---
 .../ql/src/Security/CWE-077/EnvPathInjectionCritical.md | 2 +-
 actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md | 2 +-
 .../ql/src/Security/CWE-077/EnvVarInjectionCritical.md | 4 ++--
 actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md | 4 ++--
 .../src/Security/CWE-1395/UseOfKnownVulnerableAction.md | 2 +-
 .../ql/src/Security/CWE-275/MissingActionsPermissions.md | 2 +-
 actions/ql/src/Security/CWE-285/ImproperAccessControl.md | 2 +-
 .../ql/src/Security/CWE-312/ExcessiveSecretsExposure.md | 4 ++--
 actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md | 2 +-
 .../Security/CWE-349/CachePoisoningViaCodeInjection.md | 6 +++---
 .../src/Security/CWE-349/CachePoisoningViaDirectCache.md | 6 +++---
 .../Security/CWE-349/CachePoisoningViaPoisonableStep.md | 6 +++---
 .../Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md | 2 +-
 .../src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md | 2 +-
 .../Security/CWE-571/ExpressionIsAlwaysTrueCritical.md | 2 +-
 .../ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md | 2 +-
 .../ql/src/Security/CWE-829/ArtifactPoisoningCritical.md | 2 +-
 .../ql/src/Security/CWE-829/ArtifactPoisoningMedium.md | 2 +-
 actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md | 2 +-
 .../ql/src/Security/CWE-829/UntrustedCheckoutCritical.md | 2 +-
 actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md | 2 +-
 .../ql/src/Security/CWE-829/UntrustedCheckoutMedium.md | 2 +-
 .../CodeQL/UnnecessaryUseOfAdvancedConfig.md | 2 +-
 .../Security/CWE-088/ArgumentInjectionCritical.md | 8 ++++----
 .../Security/CWE-088/ArgumentInjectionMedium.md | 8 ++++----
 .../Security/CWE-829/UnversionedImmutableAction.md | 2 +-
 docs/query-help-style-guide.md | 4 ++--
 ruby/ql/src/queries/variables/UninitializedLocal.md | 4 ++--
 28 files changed, 45 insertions(+), 45 deletions(-)
diff --git a/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.md b/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.md
index 2058ff00e9b..7a677221983 100644
--- a/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.md
+++ b/actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.md
@@ -34,4 +34,4 @@ If an attacker can manipulate the value being set, such as through artifact down
 ## References
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
diff --git a/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md b/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md
index 2058ff00e9b..7a677221983 100644
--- a/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md
+++ b/actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md
@@ -34,4 +34,4 @@ If an attacker can manipulate the value being set, such as through artifact down
 ## References
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
diff --git a/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.md b/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.md
index ae8949dc76b..bd179f7f254 100644
--- a/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.md
+++ b/actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.md
@@ -111,5 +111,5 @@ An attacker is be able to run arbitrary code by injecting environment variables
 ## References
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
-- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
+- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation).
diff --git a/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md b/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md
index 3a9a37d85ff..cec9745d554 100644
--- a/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md
+++ b/actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md
@@ -111,5 +111,5 @@ An attacker would be able to run arbitrary code by injecting environment variabl
 ## References
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
-- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
+- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation).
diff --git a/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.md b/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.md
index 9c44b0fd76f..a47dd852cef 100644
--- a/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.md
+++ b/actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.md
@@ -8,4 +8,4 @@ Either remove the component from the workflow or upgrade it to a version that is
 ## References
-- [GitHub Docs: Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)
+- [GitHub Docs: Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot).
diff --git a/actions/ql/src/Security/CWE-275/MissingActionsPermissions.md b/actions/ql/src/Security/CWE-275/MissingActionsPermissions.md
index bfbaf589a45..04a07d2a897 100644
--- a/actions/ql/src/Security/CWE-275/MissingActionsPermissions.md
+++ b/actions/ql/src/Security/CWE-275/MissingActionsPermissions.md
@@ -36,4 +36,4 @@ jobs:
 ## References
-- [Assigning permissions to jobs](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/assigning-permissions-to-jobs)
+- [Assigning permissions to jobs](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/assigning-permissions-to-jobs).
diff --git a/actions/ql/src/Security/CWE-285/ImproperAccessControl.md b/actions/ql/src/Security/CWE-285/ImproperAccessControl.md
index 63694670c5c..f889fb2fb23 100644
--- a/actions/ql/src/Security/CWE-285/ImproperAccessControl.md
+++ b/actions/ql/src/Security/CWE-285/ImproperAccessControl.md
@@ -55,4 +55,4 @@ jobs:
 ## References
-- [Events that trigger workflows](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target)
+- [Events that trigger workflows](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target).
diff --git a/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.md b/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.md
index 629de4c23f2..f8385783646 100644
--- a/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.md
+++ b/actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.md
@@ -46,5 +46,5 @@ env:
 ## References
-- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow)
-- [Job uses all secrets](https://github.com/boostsecurityio/poutine/blob/main/docs/content/en/rules/job_all_secrets.md)
+- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow).
+- [Job uses all secrets](https://github.com/boostsecurityio/poutine/blob/main/docs/content/en/rules/job_all_secrets.md).
diff --git a/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md b/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md
index 26f30b2fc71..d43616437af 100644
--- a/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md
+++ b/actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md
@@ -32,4 +32,4 @@ Avoid defining non-plain secrets. For example, do not define a new secret contai
 ## References
-- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow)
+- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow).
diff --git a/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.md b/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.md
index 446edd8b525..6e86bddf678 100644
--- a/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.md
+++ b/actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.md
@@ -76,6 +76,6 @@ jobs:
 ## References
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).
diff --git a/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.md b/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.md
index edd8b19be8b..6b9d3d44126 100644
--- a/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.md
+++ b/actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.md
@@ -121,6 +121,6 @@ jobs:
 ## References
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).
diff --git a/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.md b/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.md
index 1fa0536499b..3849d645fb6 100644
--- a/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.md
+++ b/actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.md
@@ -78,6 +78,6 @@ jobs:
 ## References
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).
diff --git a/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md b/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md
index fe650418fa9..c1912b97fa8 100644
--- a/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md
+++ b/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md
@@ -97,4 +97,4 @@ jobs:
 ## References
-- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU)
+- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU).
diff --git a/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md b/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md
index fe650418fa9..c1912b97fa8 100644
--- a/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md
+++ b/actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md
@@ -97,4 +97,4 @@ jobs:
 ## References
-- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU)
+- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU).
diff --git a/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.md b/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.md
index 5c825fab382..ced5434bdc3 100644
--- a/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.md
+++ b/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.md
@@ -58,4 +58,4 @@ To avoid the vulnerability where an `if` condition always evaluates to `true`, i
 ## References
-- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173)
+- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173).
diff --git a/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md b/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md
index 5c825fab382..ced5434bdc3 100644
--- a/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md
+++ b/actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md
@@ -58,4 +58,4 @@ To avoid the vulnerability where an `if` condition always evaluates to `true`, i
 ## References
-- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173)
+- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173).
diff --git a/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.md b/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.md
index 44eb0a7badc..0a9c39d7839 100644
--- a/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.md
+++ b/actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.md
@@ -67,4 +67,4 @@ jobs:
 ## References
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).
diff --git a/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.md b/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.md
index 44eb0a7badc..0a9c39d7839 100644
--- a/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.md
+++ b/actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.md
@@ -67,4 +67,4 @@ jobs:
 ## References
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).
diff --git a/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md b/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md
index 5ea95d995a2..700c7d6b3b0 100644
--- a/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md
+++ b/actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md
@@ -22,4 +22,4 @@ Pinning an action to a full length commit SHA is currently the only way to use a
 ## References
-- [Using third-party actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
+- [Using third-party actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions).
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
index 6c982ac027e..84fdbc14311 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md
@@ -132,4 +132,4 @@ jobs:
 ## References
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
index 6c982ac027e..84fdbc14311 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md
@@ -132,4 +132,4 @@ jobs:
 ## References
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).
diff --git a/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md b/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
index 6c982ac027e..84fdbc14311 100644
--- a/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
+++ b/actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md
@@ -132,4 +132,4 @@ jobs:
 ## References
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).
diff --git a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.md b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.md
index eb0fd972065..f33bfef18a5 100644
--- a/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.md
+++ b/actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.md
@@ -8,4 +8,4 @@ If there is no reason to have a custom configuration switch to the CodeQL defaul
 ## References
-- [GitHub Docs: Configuring Default Setup for a repository](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#configuring-default-setup-for-a-repository)
+- [GitHub Docs: Configuring Default Setup for a repository](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#configuring-default-setup-for-a-repository).
diff --git a/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.md b/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.md
index 932962082b7..c091a91b037 100644
--- a/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.md
+++ b/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.md
@@ -33,7 +33,7 @@ An attacker may set the body of an Issue comment to `BAR/g;1e whoami;#` and the
 ## References
-- [Common Weakness Enumeration: CWE-88](https://cwe.mitre.org/data/definitions/88.html).
-- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/)
-- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/)
-- [GTFOBins](https://gtfobins.github.io/)
+- Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).
+- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/).
+- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/).
+- [GTFOBins](https://gtfobins.github.io/).
diff --git a/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.md b/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.md
index af059356b5c..3a0f5a7ba23 100644
--- a/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.md
+++ b/actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.md
@@ -33,7 +33,7 @@ An attacker may set the body of an Issue comment to `BAR|g;1e whoami;#` and the
 ## References
-- [Common Weakness Enumeration: CWE-88](https://cwe.mitre.org/data/definitions/88.html).
-- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/)
-- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/)
-- [GTFOBins](https://gtfobins.github.io/)
+- Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).
+- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/).
+- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/).
+- [GTFOBins](https://gtfobins.github.io/).
diff --git a/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.md b/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.md
index c904a4b3176..5101eebceee 100644
--- a/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.md
+++ b/actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.md
@@ -23,4 +23,4 @@ For internal users: when using [immutable actions](https://github.com/github/pac
 ## References
-- [Consuming immutable actions]()
+- [Consuming immutable actions]().
diff --git a/docs/query-help-style-guide.md b/docs/query-help-style-guide.md
index 010dd1cfa97..820c1da0260 100644
--- a/docs/query-help-style-guide.md
+++ b/docs/query-help-style-guide.md
@@ -242,8 +242,8 @@ tab width settings cannot be taken into account.
 ## References
-* Java SE Documentation: [Compound Statements](https://www.oracle.com/java/technologies/javase/codeconventions-statements.html#15395)
-* Wikipedia: [Indentation style](https://en.wikipedia.org/wiki/Indentation_style)
+* Java SE Documentation: [Compound Statements](https://www.oracle.com/java/technologies/javase/codeconventions-statements.html#15395).
+* Wikipedia: [Indentation style](https://en.wikipedia.org/wiki/Indentation_style).
 ````
 ### XML example
diff --git a/ruby/ql/src/queries/variables/UninitializedLocal.md b/ruby/ql/src/queries/variables/UninitializedLocal.md
index 85468444af8..dfb584125eb 100644
--- a/ruby/ql/src/queries/variables/UninitializedLocal.md
+++ b/ruby/ql/src/queries/variables/UninitializedLocal.md
@@ -38,5 +38,5 @@ end
 ## References
-- https://www.rubyguides.com/: [Nil](https://www.rubyguides.com/2018/01/ruby-nil/)
-- https://ruby-doc.org/: [NoMethodError](https://ruby-doc.org/core-2.6.5/NoMethodError.html)
+- https://www.rubyguides.com/: [Nil](https://www.rubyguides.com/2018/01/ruby-nil/).
+- https://ruby-doc.org/: [NoMethodError](https://ruby-doc.org/core-2.6.5/NoMethodError.html).