Skip to content

Commit 08261c7

Browse files
GeekMasherGeekMasher
committed
feat: Add coverage data and README update
1 parent 683f853 commit 08261c7

File tree

2 files changed

+399
-0
lines changed

2 files changed

+399
-0
lines changed

.coverage.json

Lines changed: 353 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,353 @@
1+
{
2+
"queries": [
3+
{
4+
"path": "ql/src/security/CWE-200/PublicResource.ql",
5+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-200/PublicResource.ql",
6+
"name": "PublicResource",
7+
"category": "security",
8+
"cwe": "CWE-200",
9+
"covered": false,
10+
"test_files": []
11+
},
12+
{
13+
"path": "ql/src/security/CWE-200/GrafanaExternalSnapshotsEnabled.ql",
14+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-200/GrafanaExternalSnapshotsEnabled.ql",
15+
"name": "GrafanaExternalSnapshotsEnabled",
16+
"category": "security",
17+
"cwe": "CWE-200",
18+
"covered": false,
19+
"test_files": []
20+
},
21+
{
22+
"path": "ql/src/security/CWE-284/DatabasePublicNetworkAccess.ql",
23+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-284/DatabasePublicNetworkAccess.ql",
24+
"name": "DatabasePublicNetworkAccess",
25+
"category": "security",
26+
"cwe": "CWE-284",
27+
"covered": false,
28+
"test_files": []
29+
},
30+
{
31+
"path": "ql/src/security/CWE-284/RedisCachePublicNetwork.ql",
32+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-284/RedisCachePublicNetwork.ql",
33+
"name": "RedisCachePublicNetwork",
34+
"category": "security",
35+
"cwe": "CWE-284",
36+
"covered": false,
37+
"test_files": []
38+
},
39+
{
40+
"path": "ql/src/security/CWE-306/RedisCacheNoAuth.ql",
41+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-306/RedisCacheNoAuth.ql",
42+
"name": "RedisCacheNoAuth",
43+
"category": "security",
44+
"cwe": "CWE-306",
45+
"covered": false,
46+
"test_files": []
47+
},
48+
{
49+
"path": "ql/src/security/CWE-306/GrafanaApiKeyEnabled.ql",
50+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-306/GrafanaApiKeyEnabled.ql",
51+
"name": "GrafanaApiKeyEnabled",
52+
"category": "security",
53+
"cwe": "CWE-306",
54+
"covered": false,
55+
"test_files": []
56+
},
57+
{
58+
"path": "ql/src/security/CWE-319/GrafanaInsecureStartTLSPolicy.ql",
59+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-319/GrafanaInsecureStartTLSPolicy.ql",
60+
"name": "GrafanaInsecureStartTLSPolicy",
61+
"category": "security",
62+
"cwe": "CWE-319",
63+
"covered": false,
64+
"test_files": []
65+
},
66+
{
67+
"path": "ql/src/security/CWE-319/DatabaseSslNotEnforced.ql",
68+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-319/DatabaseSslNotEnforced.ql",
69+
"name": "DatabaseSslNotEnforced",
70+
"category": "security",
71+
"cwe": "CWE-319",
72+
"covered": false,
73+
"test_files": []
74+
},
75+
{
76+
"path": "ql/src/security/CWE-319/SslEnforement.ql",
77+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-319/SslEnforement.ql",
78+
"name": "SslEnforement",
79+
"category": "security",
80+
"cwe": "CWE-319",
81+
"covered": false,
82+
"test_files": []
83+
},
84+
{
85+
"path": "ql/src/security/CWE-319/RedisCacheNonSslPort.ql",
86+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-319/RedisCacheNonSslPort.ql",
87+
"name": "RedisCacheNonSslPort",
88+
"category": "security",
89+
"cwe": "CWE-319",
90+
"covered": false,
91+
"test_files": []
92+
},
93+
{
94+
"path": "ql/src/security/CWE-352/GrafanaCsrfDisabled.ql",
95+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-352/GrafanaCsrfDisabled.ql",
96+
"name": "GrafanaCsrfDisabled",
97+
"category": "security",
98+
"cwe": "CWE-352",
99+
"covered": false,
100+
"test_files": []
101+
},
102+
{
103+
"path": "ql/src/security/CWE-327/DatabaseWeakTlsVersion.ql",
104+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-327/DatabaseWeakTlsVersion.ql",
105+
"name": "DatabaseWeakTlsVersion",
106+
"category": "security",
107+
"cwe": "CWE-327",
108+
"covered": false,
109+
"test_files": []
110+
},
111+
{
112+
"path": "ql/src/security/CWE-327/WeakTlsVersion.ql",
113+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-327/WeakTlsVersion.ql",
114+
"name": "WeakTlsVersion",
115+
"category": "security",
116+
"cwe": "CWE-327",
117+
"covered": false,
118+
"test_files": []
119+
},
120+
{
121+
"path": "ql/src/security/CWE-327/TlsDisabled.ql",
122+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-327/TlsDisabled.ql",
123+
"name": "TlsDisabled",
124+
"category": "security",
125+
"cwe": "CWE-327",
126+
"covered": false,
127+
"test_files": []
128+
},
129+
{
130+
"path": "ql/src/security/AKS/AKSPublicApi.ql",
131+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/AKS/AKSPublicApi.ql",
132+
"name": "AKSPublicApi",
133+
"category": "security",
134+
"cwe": "",
135+
"covered": false,
136+
"test_files": []
137+
},
138+
{
139+
"path": "ql/src/security/AKS/AKSKubeDashboardEnabled.ql",
140+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/AKS/AKSKubeDashboardEnabled.ql",
141+
"name": "AKSKubeDashboardEnabled",
142+
"category": "security",
143+
"cwe": "",
144+
"covered": false,
145+
"test_files": []
146+
},
147+
{
148+
"path": "ql/src/security/AKS/AKSPrivateApiEnabled.ql",
149+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/AKS/AKSPrivateApiEnabled.ql",
150+
"name": "AKSPrivateApiEnabled",
151+
"category": "security",
152+
"cwe": "",
153+
"covered": false,
154+
"test_files": []
155+
},
156+
{
157+
"path": "ql/src/security/Dashboards/GrafanaMissingZoneRedundancy.ql",
158+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/Dashboards/GrafanaMissingZoneRedundancy.ql",
159+
"name": "GrafanaMissingZoneRedundancy",
160+
"category": "security",
161+
"cwe": "",
162+
"covered": false,
163+
"test_files": []
164+
},
165+
{
166+
"path": "ql/src/security/Storage/SupportHttpTraffic.ql",
167+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/Storage/SupportHttpTraffic.ql",
168+
"name": "SupportHttpTraffic",
169+
"category": "security",
170+
"cwe": "",
171+
"covered": false,
172+
"test_files": []
173+
},
174+
{
175+
"path": "ql/src/security/Storage/PublicAccess.ql",
176+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/Storage/PublicAccess.ql",
177+
"name": "PublicAccess",
178+
"category": "security",
179+
"cwe": "",
180+
"covered": false,
181+
"test_files": []
182+
},
183+
{
184+
"path": "ql/src/security/CWE-272/GrafanaExcessiveEditorPermissions.ql",
185+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-272/GrafanaExcessiveEditorPermissions.ql",
186+
"name": "GrafanaExcessiveEditorPermissions",
187+
"category": "security",
188+
"cwe": "CWE-272",
189+
"covered": false,
190+
"test_files": []
191+
},
192+
{
193+
"path": "ql/src/security/CWE-272/GrafanaExcessiveViewerPermissions.ql",
194+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-272/GrafanaExcessiveViewerPermissions.ql",
195+
"name": "GrafanaExcessiveViewerPermissions",
196+
"category": "security",
197+
"cwe": "CWE-272",
198+
"covered": false,
199+
"test_files": []
200+
},
201+
{
202+
"path": "ql/src/security/CWE-311/DatabaseNoInfrastructureEncryption.ql",
203+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-311/DatabaseNoInfrastructureEncryption.ql",
204+
"name": "DatabaseNoInfrastructureEncryption",
205+
"category": "security",
206+
"cwe": "CWE-311",
207+
"covered": false,
208+
"test_files": []
209+
},
210+
{
211+
"path": "ql/src/security/CWE-400/RedisCacheUnsafeMemoryPolicy.ql",
212+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-400/RedisCacheUnsafeMemoryPolicy.ql",
213+
"name": "RedisCacheUnsafeMemoryPolicy",
214+
"category": "security",
215+
"cwe": "CWE-400",
216+
"covered": false,
217+
"test_files": []
218+
},
219+
{
220+
"path": "ql/src/security/CWE-942/InsecureCorsAllHeaders.ql",
221+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-942/InsecureCorsAllHeaders.ql",
222+
"name": "InsecureCorsAllHeaders",
223+
"category": "security",
224+
"cwe": "CWE-942",
225+
"covered": false,
226+
"test_files": []
227+
},
228+
{
229+
"path": "ql/src/security/CWE-942/InsecureCorsAllowCredentialsWildcard.ql",
230+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-942/InsecureCorsAllowCredentialsWildcard.ql",
231+
"name": "InsecureCorsAllowCredentialsWildcard",
232+
"category": "security",
233+
"cwe": "CWE-942",
234+
"covered": false,
235+
"test_files": []
236+
},
237+
{
238+
"path": "ql/src/security/CWE-942/InsecureCorsWildcardOrigin.ql",
239+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-942/InsecureCorsWildcardOrigin.ql",
240+
"name": "InsecureCorsWildcardOrigin",
241+
"category": "security",
242+
"cwe": "CWE-942",
243+
"covered": false,
244+
"test_files": []
245+
},
246+
{
247+
"path": "ql/src/security/CWE-942/InsecureCorsAllMethods.ql",
248+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-942/InsecureCorsAllMethods.ql",
249+
"name": "InsecureCorsAllMethods",
250+
"category": "security",
251+
"cwe": "CWE-942",
252+
"covered": false,
253+
"test_files": []
254+
},
255+
{
256+
"path": "ql/src/security/CWE-693/RedisCacheNoBackup.ql",
257+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-693/RedisCacheNoBackup.ql",
258+
"name": "RedisCacheNoBackup",
259+
"category": "security",
260+
"cwe": "CWE-693",
261+
"covered": false,
262+
"test_files": []
263+
},
264+
{
265+
"path": "ql/src/security/CWE-295/GrafanaSmtpSslVerificationDisabled.ql",
266+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-295/GrafanaSmtpSslVerificationDisabled.ql",
267+
"name": "GrafanaSmtpSslVerificationDisabled",
268+
"category": "security",
269+
"cwe": "CWE-295",
270+
"covered": false,
271+
"test_files": []
272+
},
273+
{
274+
"path": "ql/src/security/CWE-798/RedisCacheNoAAD.ql",
275+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-798/RedisCacheNoAAD.ql",
276+
"name": "RedisCacheNoAAD",
277+
"category": "security",
278+
"cwe": "CWE-798",
279+
"covered": false,
280+
"test_files": []
281+
},
282+
{
283+
"path": "ql/src/security/CWE-798/HardcodedSmtpCredentials.ql",
284+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-798/HardcodedSmtpCredentials.ql",
285+
"name": "HardcodedSmtpCredentials",
286+
"category": "security",
287+
"cwe": "CWE-798",
288+
"covered": false,
289+
"test_files": []
290+
},
291+
{
292+
"path": "ql/src/security/CWE-404/CosmosDBNoBackupPolicy.ql",
293+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-404/CosmosDBNoBackupPolicy.ql",
294+
"name": "CosmosDBNoBackupPolicy",
295+
"category": "security",
296+
"cwe": "CWE-404",
297+
"covered": false,
298+
"test_files": []
299+
},
300+
{
301+
"path": "ql/src/security/CWE-404/DatabaseNoGeoRedundantBackup.ql",
302+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/security/CWE-404/DatabaseNoGeoRedundantBackup.ql",
303+
"name": "DatabaseNoGeoRedundantBackup",
304+
"category": "security",
305+
"cwe": "CWE-404",
306+
"covered": false,
307+
"test_files": []
308+
},
309+
{
310+
"path": "ql/src/diagnostics/ExtractionErrors.ql",
311+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/diagnostics/ExtractionErrors.ql",
312+
"name": "ExtractionErrors",
313+
"category": "diagnostics",
314+
"cwe": "",
315+
"covered": false,
316+
"test_files": []
317+
},
318+
{
319+
"path": "ql/src/diagnostics/SuccessfullyExtractedFiles.ql",
320+
"absolute_path": "/home/geekmasher/development/github/codeql-extractor-bicep/ql/src/diagnostics/SuccessfullyExtractedFiles.ql",
321+
"name": "SuccessfullyExtractedFiles",
322+
"category": "diagnostics",
323+
"cwe": "",
324+
"covered": false,
325+
"test_files": []
326+
}
327+
],
328+
"metadata": {
329+
"total_queries": 36,
330+
"covered_queries": 0,
331+
"categories": [
332+
"diagnostics",
333+
"security"
334+
],
335+
"cwes": [
336+
"CWE-200",
337+
"CWE-306",
338+
"CWE-311",
339+
"CWE-942",
340+
"CWE-400",
341+
"CWE-319",
342+
"CWE-693",
343+
"CWE-327",
344+
"CWE-284",
345+
"CWE-295",
346+
"CWE-404",
347+
"CWE-352",
348+
"CWE-798",
349+
"CWE-272"
350+
],
351+
"coverage_percentage": 0.0
352+
}
353+
}

0 commit comments

Comments
 (0)