github
diff --git a/‎change-notes/2020-08-18-oauth2.md
Lines changed: 2 additions & 0 deletions b/‎change-notes/2020-08-18-oauth2.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎ql/src/experimental/CWE-352/ConstantOauth2State.qhelp renamed to ‎ql/src/Security/CWE-352/ConstantOauth2State.qhelp b/‎ql/src/experimental/CWE-352/ConstantOauth2State.qhelp renamed to ‎ql/src/Security/CWE-352/ConstantOauth2State.qhelp
diff --git a/‎ql/src/experimental/CWE-352/ConstantOauth2State.ql renamed to ‎ql/src/Security/CWE-352/ConstantOauth2State.ql b/‎ql/src/experimental/CWE-352/ConstantOauth2State.ql renamed to ‎ql/src/Security/CWE-352/ConstantOauth2State.ql
diff --git a/‎ql/src/experimental/CWE-352/ConstantOauth2StateBad.go renamed to ‎ql/src/Security/CWE-352/ConstantOauth2StateBad.go b/‎ql/src/experimental/CWE-352/ConstantOauth2StateBad.go renamed to ‎ql/src/Security/CWE-352/ConstantOauth2StateBad.go
diff --git a/‎ql/src/experimental/CWE-352/ConstantOauth2StateBetter.go renamed to ‎ql/src/Security/CWE-352/ConstantOauth2StateBetter.go b/‎ql/src/experimental/CWE-352/ConstantOauth2StateBetter.go renamed to ‎ql/src/Security/CWE-352/ConstantOauth2StateBetter.go
diff --git a/‎ql/test/experimental/CWE-352/ConstantOauth2State.qlref
Lines changed: 0 additions & 1 deletion b/‎ql/test/experimental/CWE-352/ConstantOauth2State.qlref
Lines changed: 0 additions & 1 deletion
diff --git a/‎ql/test/experimental/CWE-352/ConstantOauth2State.expected renamed to ‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.expected b/‎ql/test/experimental/CWE-352/ConstantOauth2State.expected renamed to ‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.expected
diff --git a/‎ql/test/experimental/CWE-352/ConstantOauth2State.go renamed to ‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.go b/‎ql/test/experimental/CWE-352/ConstantOauth2State.go renamed to ‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.go
diff --git a/‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.qlref
Lines changed: 1 addition & 0 deletions b/‎ql/test/query-tests/Security/CWE-352/ConstantOauth2State.qlref
Lines changed: 1 addition & 0 deletions
diff --git a/‎ql/test/experimental/CWE-352/go.mod renamed to ‎ql/test/query-tests/Security/CWE-352/go.mod b/‎ql/test/experimental/CWE-352/go.mod renamed to ‎ql/test/query-tests/Security/CWE-352/go.mod
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The query "Use of constant `state` value in OAuth 2.0 URL" (`go/constant-oauth2-state`) has been promoted from experimental status. This checks for use of a constant state value in generating an OAuth2 redirect URL, which may open the way for a CSRF attack.
@@ -0,0 +1 @@
+Security/CWE-352/ConstantOauth2State.ql
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+lgtm,codescanning`
	`2`	+* The query "Use of constant `state` value in OAuth 2.0 URL" (`go/constant-oauth2-state`) has been promoted from experimental status. This checks for use of a constant state value in generating an OAuth2 redirect URL, which may open the way for a CSRF attack.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Security/CWE-352/ConstantOauth2State.ql`