PSScriptanalyzer rules port #19343
… and misc. crypto example files
…er-shared-changes PowerShell: Fix dataflow library after GitHub changes
Compatible with the latest released version of the CodeQL CLI
…ition Brodes/open source query transition
…ifications to the shared dataflow library files.
Shared: Refactor `DataFlowStack`
Java/C#: Add missing files from #157
Java: Update file that was forgotten in #157
PS: Handle more flow sources
Pull Request Overview
This PR ports several PSScriptanalyzer rules and updates related example code, documentation, and workflow automation for the CodeQL repository.
- Adds a new example in C for conditional leap year logic.
- Updates change notes with a new class for additional call targets.
- Introduces and enhances GitHub workflows along with security and README updates.
Reviewed Changes
Copilot reviewed 1850 out of 1862 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| cpp/ql/src/Likely Bugs/Leap Year/examples/LeapYearConditionalLogicBad.c | Adds example code demonstrating leap year logic with branch comments. |
| cpp/ql/lib/change-notes/2023-10-12-additional-call-targets.md | Documenting the addition of the AdditionalCallTarget class. |
| SECURITY.md | Includes updated security guidelines and instructions. |
| README.md | Minor updates to spacing in tasks section. |
| .github/workflows/sync-main.yml | New workflow for syncing the main branch with upstream changes. |
| .github/workflows/powershell-pr-check.yml | New PowerShell PR check workflow for the repository. |
Files not reviewed (12)
- cpp/ql/lib/experimental/cryptography/utils/OpenSSL/CryptoFunction.qll: Language not supported
- cpp/ql/lib/semmle/code/cpp/models/implementations/Iterator.qll: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/Adding365DaysPerYear.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/AntiPattern5InvalidLeapYearCheck.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/LeapYearConditionalLogic.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/LeapYearConditionalLogic.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedLeapYearAfterYearModification.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UncheckedReturnValueForTimeFunctions.ql: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.qhelp: Language not supported
- cpp/ql/src/Likely Bugs/Leap Year/UnsafeArrayForDaysOfYear.ql: Language not supported
Comments suppressed due to low confidence (2)
cpp/ql/src/Likely Bugs/Leap Year/examples/LeapYearConditionalLogicBad.c:5
- Consider adding tests that cover the 'isLeapYear' true branch to ensure the untested path is validated.
// untested path
cpp/ql/src/Likely Bugs/Leap Year/examples/LeapYearConditionalLogicBad.c:16
- Add tests to cover the leap day detection branch to ensure complete testing of the conditional logic.
// untested path
Porting the following:
- AvoidUsingComputerNameHardcoded
- AvoidUsingConvertToSecureStringWithPlainText
- AvoidUsingUsernameAndPasswordParams
- ReservedCmdletChar
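As an added illustration of the four rules being ported (this script is not part of the PR, of CodeQL, or of PSScriptAnalyzer's own code), the block below puts the pattern each rule reports next to the form it recommends. Every function name, the host name `server01` and the literal password are assumed values chosen for the example; the script only defines functions, so dot-sourcing it makes no network calls and prompts for nothing.

```powershell
# Added example, not code from this PR, from CodeQL or from PSScriptAnalyzer:
# for each of the four ported rules, the pattern the rule reports beside the
# form it recommends. Function names, the host 'server01' and the literal
# password are made-up illustration values.

# --- AvoidUsingUsernameAndPasswordParams ---
# Reported: -Username and -Password as separate parameters. The password
# travels as plain text and ends up in command history, transcripts and logs.
function Connect-BadService {
    param(
        [string]$Username,
        [string]$Password
    )
    "connecting as $Username with password '$Password'"
}

# Recommended: one [PSCredential] parameter. The password stays a SecureString,
# and [Credential()] lets callers pass either a PSCredential or just a user
# name, in which case PowerShell prompts for the password.
function Connect-GoodService {
    param(
        [Parameter(Mandatory)]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential
    )
    "connecting as $($Credential.UserName)"
}

# --- AvoidUsingConvertToSecureStringWithPlainText ---
# Reported: the secret is a literal in the script, so wrapping it in a
# SecureString protects nothing (assumed password value).
function Get-BadSecret {
    ConvertTo-SecureString -String 'P@ssw0rd!' -AsPlainText -Force
}

# Recommended: obtain the value as a SecureString from the start, e.g. from a
# prompt, or via Import-Clixml of a file written earlier with Export-Clixml
# (on Windows that file is DPAPI-encrypted to the writing user and machine).
function Get-GoodSecret {
    Read-Host -Prompt 'Password' -AsSecureString
}

# --- AvoidUsingComputerNameHardcoded ---
# Reported: a literal host name passed to -ComputerName ties the script to one
# machine and hides the target from callers and reviewers (assumed host name).
function Get-BadSpoolerStatus {
    Invoke-Command -ComputerName 'server01' -ScriptBlock { Get-Service -Name Spooler }
}

# Recommended: take the target host(s) as a parameter.
function Get-GoodSpoolerStatus {
    param(
        [Parameter(Mandatory)]
        [string[]]$ComputerName
    )
    Invoke-Command -ComputerName $ComputerName -ScriptBlock { Get-Service -Name Spooler }
}

# --- ReservedCmdletChar ---
# Reported: a function name containing a reserved character (for example
# # ( ) [ ] { } & or a quote character) usually fails to parse, and when it
# does parse it fails at call time. Kept as a comment so this file loads:
#
#   function Get-Spooler[Status] { Get-Service -Name Spooler }
#
# Recommended: a plain Verb-Noun name.
function Get-SpoolerStatus { Get-Service -Name Spooler }
```

With PSScriptAnalyzer installed, `Invoke-ScriptAnalyzer -Path .\ported-rules.ps1 -IncludeRule PSAvoidUsingUsernameAndPasswordParams, PSAvoidUsingConvertToSecureStringWithPlainText, PSAvoidUsingComputerNameHardcoded, PSReservedCmdletChar` (assumed file name) should report the three `*-Bad*` functions and nothing for their `*-Good*` counterparts; the reserved-character case is only a comment here, so the parser never sees it and it is not reported.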