C#: Adjust query metadata and library references.

michaelnebel · michaelnebel · commit 23e23ec43dec · 2024-11-06T11:57:23.000+01:00
diff --git a/csharp/src/security/CWE-099/TaintedWebClient.ql b/csharp/src/security/CWE-099/TaintedWebClient.ql
@@ -5,9 +5,8 @@
  * @kind path-problem
  * @problem.severity error
  * @precision high
- * @id cs/webclient-path-injection
+ * @id githubsecuritylab/cs/webclient-path-injection
  * @tags security
- *       experimental
  *       external/cwe/cwe-099
  *       external/cwe/cwe-023
  *       external/cwe/cwe-036
diff --git a/csharp/src/security/CWE-1004/CookieWithoutHttpOnly.ql b/csharp/src/security/CWE-1004/CookieWithoutHttpOnly.ql
@@ -7,17 +7,16 @@
  * @kind problem
  * @problem.severity warning
  * @precision high
- * @id cs/web/cookie-httponly-not-set
+ * @id githubsecuritylab/cs/web/cookie-httponly-not-set
  * @tags security
- *       experimental
  *       external/cwe/cwe-1004
  */
 
 import csharp
 import semmle.code.asp.WebConfig
 import semmle.code.csharp.frameworks.system.Web
 import semmle.code.csharp.frameworks.microsoft.AspNetCore
-import experimental.dataflow.flowsources.AuthCookie
+import security.dataflow.flowsources.AuthCookie
 
 from Expr httpOnlySink
 where
diff --git a/csharp/src/security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql b/csharp/src/security/CWE-327/Azure/UnsafeUsageOfClientSideEncryptionVersion.ql
@@ -4,9 +4,8 @@
  * @kind problem
  * @tags security
  *       cryptography
- *       experimental
  *       external/cwe/cwe-327
- * @id cs/azure-storage/unsafe-usage-of-client-side-encryption-version
+ * @id githubsecuritylab/cs/azure-storage/unsafe-usage-of-client-side-encryption-version
  * @problem.severity error
  * @precision high
  */
diff --git a/csharp/src/security/CWE-614/CookieWithoutSecure.ql b/csharp/src/security/CWE-614/CookieWithoutSecure.ql
@@ -6,9 +6,8 @@
  * @kind problem
  * @problem.severity error
  * @precision high
- * @id cs/web/cookie-secure-not-set
+ * @id githubsecuritylab/cs/web/cookie-secure-not-set
  * @tags security
- *       experimental
  *       external/cwe/cwe-319
  *       external/cwe/cwe-614
  */
@@ -17,7 +16,7 @@ import csharp
 import semmle.code.asp.WebConfig
 import semmle.code.csharp.frameworks.system.Web
 import semmle.code.csharp.frameworks.microsoft.AspNetCore
-import experimental.dataflow.flowsources.AuthCookie
+import security.dataflow.flowsources.AuthCookie
 
 from Expr secureSink
 where
diff --git a/csharp/src/security/CWE-759/HashWithoutSalt.ql b/csharp/src/security/CWE-759/HashWithoutSalt.ql
@@ -3,9 +3,8 @@
  * @description Hashed passwords without a salt are vulnerable to dictionary attacks.
  * @kind path-problem
  * @problem.severity error
- * @id cs/hash-without-salt
+ * @id githubsecuritylab/cs/hash-without-salt
  * @tags security
- *       experimental
  *       external/cwe/cwe-759
  */
 
diff --git a/csharp/src/security/CWE-918/RequestForgery.ql b/csharp/src/security/CWE-918/RequestForgery.ql
@@ -4,9 +4,8 @@
  * @kind path-problem
  * @problem.severity error
  * @precision high
- * @id cs/request-forgery
+ * @id githubsecuritylab/cs/request-forgery
  * @tags security
- *       experimental
  *       external/cwe/cwe-918
  */
 
diff --git a/csharp/src/security/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql b/csharp/src/security/JsonWebTokenHandler/delegated-security-validations-always-return-true.ql
@@ -4,10 +4,9 @@
  *   Higher precision version checks for exception throws, so less false positives are expected.
  * @kind problem
  * @tags security
- *       experimental
  *       JsonWebTokenHandler
  *       manual-verification-required
- * @id cs/json-webtoken-handler/delegated-security-validations-always-return-true
+ * @id githubsecuritylab/cs/json-webtoken-handler/delegated-security-validations-always-return-true
  * @problem.severity error
  * @precision high
  */
diff --git a/csharp/src/security/JsonWebTokenHandler/security-validation-disabled.ql b/csharp/src/security/JsonWebTokenHandler/security-validation-disabled.ql
@@ -3,10 +3,9 @@
  * @description Check if security sensitive token validations for `JsonWebTokenHandler` are being disabled.
  * @kind problem
  * @tags security
- *       experimental
  *       JsonWebTokenHandler
  *       manual-verification-required
- * @id cs/json-webtoken-handler/security-validations-disabled
+ * @id githubsecuritylab/cs/json-webtoken-handler/security-validations-disabled
  * @problem.severity error
  * @precision high
  */
diff --git a/csharp/src/security/Serialization/DefiningDatasetRelatedType.ql b/csharp/src/security/Serialization/DefiningDatasetRelatedType.ql
@@ -3,9 +3,8 @@
  * @description Defining a class that inherits or has a property derived from the obsolete DataSet or DataTable types may lead to the usage of dangerous functionality. Please visit https://go.microsoft.com/fwlink/?linkid=2132227 for details.
  * @kind problem
  * @problem.severity warning
- * @id cs/dataset-serialization/defining-dataset-related-type
+ * @id githubsecuritylab/cs/dataset-serialization/defining-dataset-related-type
  * @tags security
- *       experimental
  */
 
 import csharp
diff --git a/csharp/src/security/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql b/csharp/src/security/Serialization/DefiningPotentiallyUnsafeXmlSerializer.ql
@@ -4,9 +4,8 @@
  * @kind problem
  * @problem.severity error
  * @precision medium
- * @id cs/dataset-serialization/defining-potentially-unsafe-xml-serializer
+ * @id githubsecuritylab/cs/dataset-serialization/defining-potentially-unsafe-xml-serializer
  * @tags security
- *       experimental
  */
 
 import csharp
diff --git a/csharp/src/security/Serialization/UnsafeTypeUsedDataContractSerializer.ql b/csharp/src/security/Serialization/UnsafeTypeUsedDataContractSerializer.ql
@@ -4,9 +4,8 @@
  * @kind problem
  * @problem.severity error
  * @precision medium
- * @id cs/dataset-serialization/unsafe-type-used-data-contract-serializer
+ * @id githubsecuritylab/cs/dataset-serialization/unsafe-type-used-data-contract-serializer
  * @tags security
- *       experimental
  */
 
 import csharp
diff --git a/csharp/src/security/Serialization/XmlDeserializationWithDataSet.ql b/csharp/src/security/Serialization/XmlDeserializationWithDataSet.ql
@@ -4,9 +4,8 @@
  * @kind problem
  * @problem.severity error
  * @precision medium
- * @id cs/dataset-serialization/xml-deserialization-with-dataset
+ * @id githubsecuritylab/cs/dataset-serialization/xml-deserialization-with-dataset
  * @tags security
- *       experimental
  */
 
 import csharp
diff --git a/csharp/src/security/backdoor/DangerousNativeFunctionCall.ql b/csharp/src/security/backdoor/DangerousNativeFunctionCall.ql
@@ -4,9 +4,8 @@
  * @kind problem
  * @problem.severity warning
  * @precision low
- * @id cs/backdoor/dangerous-native-functions
+ * @id githubsecuritylab/cs/backdoor/dangerous-native-functions
  * @tags security
- *       experimental
  *       solorigate
  */
 
diff --git a/csharp/src/security/backdoor/PotentialTimeBomb.ql b/csharp/src/security/backdoor/PotentialTimeBomb.ql
@@ -2,11 +2,10 @@
  * @name Potential Timebomb
  * @description If there is data flow from a file's last modification date and an offset to a condition statement, this could trigger a "time bomb".
  * @kind path-problem
- * @precision Low
+ * @precision low
  * @problem.severity warning
- * @id cs/backdoor/potential-time-bomb
+ * @id githubsecuritylab/cs/backdoor/potential-time-bomb
  * @tags security
- *       experimental
  *       solorigate
  */
 
diff --git a/csharp/src/security/backdoor/ProcessNameToHashTaintFlow.ql b/csharp/src/security/backdoor/ProcessNameToHashTaintFlow.ql
@@ -3,11 +3,10 @@
  * @description Flow from a function retrieving process name to a hash function.
  * @kind path-problem
  * @tags security
- *       experimental
  *       solorigate
  * @problem.severity warning
  * @precision medium
- * @id cs/backdoor/process-name-to-hash-function
+ * @id githubsecuritylab/cs/backdoor/process-name-to-hash-function
  */
 
 import csharp
