hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #19507 from michaelnebel/removehardcodedpassword

Browse Source 
Exclude some queries from query suites by lowering their precision.
This commit is contained in:
Michael Nebel
2025-05-21 11:13:14 +02:00
committed by GitHub
parent 789e881254 dabeddb62d
commit 2952c0d2b4
41 changed files with 50 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ruby/ql/integration-tests/query-suite/not_included_in_qls.expected
View File

@@ -30,6 +30,7 @@ ql/ruby/ql/src/queries/metrics/FLinesOfCode.ql
ql/ruby/ql/src/queries/metrics/FLinesOfComments.ql
ql/ruby/ql/src/queries/modeling/GenerateModel.ql
ql/ruby/ql/src/queries/security/cwe-732/WeakFilePermissions.ql
ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
ql/ruby/ql/src/queries/variables/UnusedParameter.ql
ql/ruby/ql/src/utils/modeleditor/ApplicationModeEndpoints.ql
ql/ruby/ql/src/utils/modeleditor/FrameworkModeAccessPaths.ql

1
ruby/ql/integration-tests/query-suite/ruby-security-and-quality.qls.expected
View File

@@ -41,7 +41,6 @@ ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql

1
ruby/ql/integration-tests/query-suite/ruby-security-extended.qls.expected
View File

@@ -40,7 +40,6 @@ ql/ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.ql
ql/ruby/ql/src/queries/security/cwe-601/UrlRedirect.ql
ql/ruby/ql/src/queries/security/cwe-611/Xxe.ql
ql/ruby/ql/src/queries/security/cwe-732/WeakCookieConfiguration.ql
ql/ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
ql/ruby/ql/src/queries/security/cwe-829/InsecureDownload.ql
ql/ruby/ql/src/queries/security/cwe-912/HttpToFileAccess.ql
ql/ruby/ql/src/queries/security/cwe-915/MassAssignment.ql

4
ruby/ql/src/change-notes/2025-05-16-hardcoded-credentials.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* The query `rb/hardcoded-credentials` has been removed from all query suites.

2
ruby/ql/src/queries/security/cwe-798/HardcodedCredentials.ql
View File

@@ -4,7 +4,7 @@
* @kind path-problem
* @problem.severity error
* @security-severity 9.8
* @precision medium
* @precision low
* @id rb/hardcoded-credentials
* @tags security
* external/cwe/cwe-259