GitHubSecurityLab
diff --git a/‎csharp/src/audit/CWE-078/CommandInjectionAudit.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/audit/CWE-078/CommandInjectionAudit.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/audit/CWE-094/CodeInjectionAudit.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/audit/CWE-094/CodeInjectionAudit.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/audit/CWE-502/UnsafeDeserializationAudit.ql‎
Lines changed: 1 addition & 2 deletions b/‎csharp/src/audit/CWE-502/UnsafeDeserializationAudit.ql‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎csharp/src/audit/CWE-611/UnsafeXMLResolverAudit.ql‎
Lines changed: 1 addition & 2 deletions b/‎csharp/src/audit/CWE-611/UnsafeXMLResolverAudit.ql‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎csharp/src/library_sources/ExternalAPIsUsedWithUntrustedData.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/library_sources/ExternalAPIsUsedWithUntrustedData.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/security/CWE-328/WeakHashingAlgorithms.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/security/CWE-328/WeakHashingAlgorithms.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/security/CWE-328/WeakPasswordHashing.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/security/CWE-328/WeakPasswordHashing.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/security/CWE-328/WeakSensitiveDataHashing.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/security/CWE-328/WeakSensitiveDataHashing.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/security/CWE-760/HardcodedSalt.ql‎
Lines changed: 1 addition & 1 deletion b/‎csharp/src/security/CWE-760/HardcodedSalt.ql‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎csharp/src/security/CWE-798/HardcodedCredentialsSymmetricSecurityKey.ql‎
Lines changed: 1 addition & 4 deletions b/‎csharp/src/security/CWE-798/HardcodedCredentialsSymmetricSecurityKey.ql‎
Lines changed: 1 addition & 4 deletions
@@ -6,7 +6,7 @@
  * @problem.severity error
  * @security-severity 2.0
  * @precision low
- * @id cs/audit/command-line-injection
+ * @id githubsecuritylab/audit/command-line-injection
  * @tags security
  *       external/cwe/cwe-078
  *       external/cwe/cwe-088
 
@@ -6,7 +6,7 @@
  * @problem.severity warning
  * @security-severity 2.0
  * @precision low
- * @id cs/audit/code-injection
+ * @id githubsecuritylab/audit/code-injection
  * @tags security
  *       external/cwe/cwe-094
  *       external/cwe/cwe-095
 
@@ -3,7 +3,7 @@
  * @description Calling an unsafe deserializer with data controlled by an attacker
  *              can lead to denial of service and other security problems.
  * @kind problem
- * @id cs/audit/unsafe-deserialization
+ * @id githubsecuritylab/audit/unsafe-deserialization
  * @problem.severity warning
  * @security-severity 2.0
  * @precision low
@@ -12,7 +12,6 @@
  *       audit
  */
 
-// https://github.com/advanced-security/codeql-queries/blob/audit-csharp/codeql/csharp/ql/src/Security Features/CWE-502/UnsafeDeserialization.ql
 import csharp
 import semmle.code.csharp.security.dataflow.UnsafeDeserializationQuery
 
 
@@ -6,15 +6,14 @@
  * @problem.severity warning
  * @security-severity 2.0
  * @precision low
- * @id cs/audit/insecure-xml-read
+ * @id githubsecuritylab/audit/insecure-xml-read
  * @tags security
  *       external/cwe/cwe-611
  *       external/cwe/cwe-827
  *       external/cwe/cwe-776
  *       audit
  */
 
-// https://github.com/advanced-security/codeql-queries/blob/c8cfb6a0cc44da3d2baae4b985262a84652f71ee/csharp/ql/src/Security Features/CWE-611/UseXmlSecureResolver.ql#L22s
 import csharp
 import semmle.code.csharp.security.xml.InsecureXMLQuery
 
 
@@ -3,7 +3,7 @@
  * @description This reports the external APIs that are used with untrusted data, along with how
  *              frequently the API is called, and how many unique sources of untrusted data flow
  *              to it.
- * @id cs/count-untrusted-data-external-api
+ * @id githubsecuritylab/count-untrusted-data-external-api
  * @kind table
  * @tags security external/cwe/cwe-20
  */
 
@@ -6,7 +6,7 @@
  * @security-severity 5.0
  * @sub-severity medium
  * @precision medium
- * @id cs/weak-cryptographic-hash-algorithms
+ * @id githubsecuritylab/weak-cryptographic-hash-algorithms
  * @tags security
  *       audit
  *       external/cwe/cwe-328
 
@@ -5,7 +5,7 @@
  * @problem.severity warning
  * @security-severity 7.5
  * @precision high
- * @id csharp/weak-password-hashing
+ * @id githubsecuritylab/weak-password-hashing
  * @tags security
  *       external/cwe/cwe-327
  *       external/cwe/cwe-328
 
@@ -5,7 +5,7 @@
  * @problem.severity warning
  * @security-severity 7.5
  * @precision high
- * @id csharp/weak-sensitive-data-hashing
+ * @id githubsecuritylab/weak-sensitive-data-hashing
  * @tags security
  *       external/cwe/cwe-327
  *       external/cwe/cwe-328
 
@@ -5,7 +5,7 @@
  * @problem.severity error
  * @security-severity 6.1
  * @precision medium
- * @id cs/hardcoded-salt
+ * @id githubsecuritylab/hardcoded-salt
  * @tags security
  *       external/cwe/cwe-760
  */
 
@@ -5,20 +5,17 @@
  * @problem.severity error
  * @security-severity 9.8
  * @precision high
- * @id cs/hardcoded-credentials-symmetricsecuritykey
+ * @id githubsecuritylab/hardcoded-credentials-symmetricsecuritykey
  * @tags security
  *       external/cwe/cwe-259
  *       external/cwe/cwe-321
  *       external/cwe/cwe-798
  */
 
 import csharp
-
 private import DataFlow::PathGraph
-
 private import github.HardcodedCredentials
 
-
 from DataFlow::PathNode source, DataFlow::PathNode sink, LiteralToSecurityKeyConfig config
 where config.hasFlowPath(source, sink)
 select source, sink, source, "Hard-coded credential $@ used as SymmetricSecurityKey $@",