
Ruby queries for CodeQL analysis

Explore the queries that CodeQL uses to analyze code written in Ruby when you select the default or the security-extended query suite.

Who can use this feature?

Code scanning is available for all public repositories on GitHub.com. Code scanning is also available for private repositories owned by organizations that use GitHub Enterprise Cloud and have a license for GitHub Advanced Security. For more information, see "About GitHub Advanced Security."

CodeQL includes many queries for analyzing Ruby code. All queries in the default query suite are run by default. If you choose to use the security-extended query suite, additional queries are run. For more information, see "CodeQL query suites."
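The suite you run is selected in the workflow that calls the CodeQL action. The following is an added example workflow, not taken from this page or from the codeql-action repository: it uses the `queries` input of the `init` step to run the default suite plus the additional security-extended queries for Ruby. The branch name `main` and the workflow name are assumptions; adjust them to your repository.

```yaml
name: "CodeQL (Ruby)"

on:
  push:
    branches: [ main ]      # assumed default branch
  pull_request:
    branches: [ main ]

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      security-events: write   # required to upload SARIF results to code scanning
      contents: read
      actions: read

    steps:
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ruby
          # Run the default suite plus the additional security-extended queries.
          # Omit this line (or set it to "default") to run only the default suite.
          queries: security-extended

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:ruby"
```

Because every default query is also part of the security-extended suite, switching to `security-extended` only adds alerts; it never drops any that the default suite would have raised.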

Built-in queries for Ruby analysis

This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.

Note: GitHub autofix for code scanning is in beta. Functionality and documentation are subject to change. During this phase, the feature is restricted to JavaScript, TypeScript, Python, and Java alerts identified by CodeQL. If you have an enterprise account and use GitHub Advanced Security, your enterprise has access to the beta.

| Query name | Related CWEs | Default | Extended |
|---|---|---|---|
| Bad HTML filtering regexp | 116, 020, 185, 186 | ✓ | ✓ |
| Badly anchored regular expression | 020 | ✓ | ✓ |
| Clear-text logging of sensitive information | 312, 359, 532 | ✓ | ✓ |
| Clear-text storage of sensitive information | 312, 359, 532 | ✓ | ✓ |
| Code injection | 094, 095, 116 | ✓ | ✓ |
| CSRF protection not enabled | 352 | ✓ | ✓ |
| CSRF protection weakened or disabled | 352 | ✓ | ✓ |
| Dependency download using unencrypted communication channel | 300, 319, 494, 829 | ✓ | ✓ |
| Deserialization of user-controlled data | 502 | ✓ | ✓ |
| Download of sensitive file through insecure connection | 829 | ✓ | ✓ |
| Incomplete multi-character sanitization | 020, 080, 116 | ✓ | ✓ |
| Incomplete regular expression for hostnames | 020 | ✓ | ✓ |
| Incomplete string escaping or encoding | 020, 080, 116 | ✓ | ✓ |
| Incomplete URL substring sanitization | 020 | ✓ | ✓ |
| Inefficient regular expression | 1333, 730, 400 | ✓ | ✓ |
| Information exposure through an exception | 209, 497 | ✓ | ✓ |
| Insecure Mass Assignment | 915 | ✓ | ✓ |
| Overly permissive regular expression range | 020 | ✓ | ✓ |
| Polynomial regular expression used on uncontrolled data | 1333, 730, 400 | ✓ | ✓ |
| Reflected server-side cross-site scripting | 079, 116 | ✓ | ✓ |
| Regular expression injection | 1333, 730, 400 | ✓ | ✓ |
| Sensitive data read from GET request | 598 | ✓ | ✓ |
| Server-side request forgery | 918 | ✓ | ✓ |
| SQL query built from user-controlled sources | 089 | ✓ | ✓ |
| Stored cross-site scripting | 079, 116 | ✓ | ✓ |
| Uncontrolled command line | 078, 088 | ✓ | ✓ |
| Uncontrolled data used in path expression | 022, 023, 036, 073, 099 | ✓ | ✓ |
| Unsafe HTML constructed from library input | 079, 116 | ✓ | ✓ |
| Unsafe shell command constructed from library input | 078, 088, 073 | ✓ | ✓ |
| URL redirection from remote source | 601 | ✓ | ✓ |
| Use of Kernel.open or IO.read or similar sinks with a non-constant value | 078, 088, 073 | ✓ | ✓ |
| Use of Kernel.open, IO.read or similar sinks with user-controlled input | 078, 088, 073 | ✓ | ✓ |
| Use of a broken or weak cryptographic algorithm | 327 | ✓ | ✓ |
| Use of externally-controlled format string | 134 | ✓ | ✓ |
| Weak cookie configuration | 732, 1275 | ✓ | ✓ |
| XML external entity expansion | 611, 776, 827 | ✓ | ✓ |
| Hard-coded credentials | 259, 321, 798 | | ✓ |
| Hard-coded data interpreted as code | 506 | | ✓ |
| Log injection | 117 | | ✓ |
| Missing regular expression anchor | 020 | | ✓ |
| Network data written to file | 912, 434 | | ✓ |
| Request without certificate validation | 295 | | ✓ |
| Unsafe code constructed from library input | 094, 079, 116 | | ✓ |