From 98e6fc8a880c2d0a149f3cdf4a34b5ec790851de Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Tue, 16 Nov 2021 12:03:50 +0100 Subject: [PATCH] Python/Ruby: Remove owasp tags These are no longer correct, since the A1 category changed from 2017 to 2021, see https://owasp.org/Top10/#whats-changed-in-the-top-10-for-2021 Since only a very few queries had these tags, I think we're much better off having them removed. --- python/ql/src/Security/CWE-022/PathInjection.ql | 1 - python/ql/src/Security/CWE-078/CommandInjection.ql | 1 - python/ql/src/Security/CWE-089/SqlInjection.ql | 1 - python/ql/src/Security/CWE-094/CodeInjection.ql | 1 - ruby/ql/src/queries/security/cwe-089/SqlInjection.ql | 1 - ruby/ql/src/queries/security/cwe-094/CodeInjection.ql | 1 - 6 files changed, 6 deletions(-) diff --git a/python/ql/src/Security/CWE-022/PathInjection.ql b/python/ql/src/Security/CWE-022/PathInjection.ql index ed4d9fc6a32f..ec745cfbff7d 100644 --- a/python/ql/src/Security/CWE-022/PathInjection.ql +++ b/python/ql/src/Security/CWE-022/PathInjection.ql @@ -9,7 +9,6 @@ * @id py/path-injection * @tags correctness * security - * external/owasp/owasp-a1 * external/cwe/cwe-022 * external/cwe/cwe-023 * external/cwe/cwe-036 diff --git a/python/ql/src/Security/CWE-078/CommandInjection.ql b/python/ql/src/Security/CWE-078/CommandInjection.ql index 111ce7ed261f..29ef95717a41 100755 --- a/python/ql/src/Security/CWE-078/CommandInjection.ql +++ b/python/ql/src/Security/CWE-078/CommandInjection.ql @@ -10,7 +10,6 @@ * @id py/command-line-injection * @tags correctness * security - * external/owasp/owasp-a1 * external/cwe/cwe-078 * external/cwe/cwe-088 */ diff --git a/python/ql/src/Security/CWE-089/SqlInjection.ql b/python/ql/src/Security/CWE-089/SqlInjection.ql index 9e6cf08899d3..548e9d7b5eb5 100644 --- a/python/ql/src/Security/CWE-089/SqlInjection.ql +++ b/python/ql/src/Security/CWE-089/SqlInjection.ql @@ -9,7 +9,6 @@ * @id py/sql-injection * @tags security * external/cwe/cwe-089 - * external/owasp/owasp-a1 */ import python diff --git a/python/ql/src/Security/CWE-094/CodeInjection.ql b/python/ql/src/Security/CWE-094/CodeInjection.ql index bcf16dc6d8a3..fb344aa8e54e 100644 --- a/python/ql/src/Security/CWE-094/CodeInjection.ql +++ b/python/ql/src/Security/CWE-094/CodeInjection.ql @@ -9,7 +9,6 @@ * @precision high * @id py/code-injection * @tags security - * external/owasp/owasp-a1 * external/cwe/cwe-094 * external/cwe/cwe-095 * external/cwe/cwe-116 diff --git a/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql b/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql index de795e34e712..dbffd00290ff 100644 --- a/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql +++ b/ruby/ql/src/queries/security/cwe-089/SqlInjection.ql @@ -9,7 +9,6 @@ * @id rb/sql-injection * @tags security * external/cwe/cwe-089 - * external/owasp/owasp-a1 */ import ruby diff --git a/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql b/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql index 60e8e32c2f69..c3b524097105 100644 --- a/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql +++ b/ruby/ql/src/queries/security/cwe-094/CodeInjection.ql @@ -9,7 +9,6 @@ * @precision high * @id rb/code-injection * @tags security - * external/owasp/owasp-a1 * external/cwe/cwe-094 * external/cwe/cwe-095 * external/cwe/cwe-116