Consultas swift para el análisis de CodeQL

Explore las consultas que CodeQL usa para analizar el código escrito en Swift al seleccionar default o el conjunto de consultas security-extended.

¿Quién puede utilizar esta característica?

CodeQL está disponible para los siguientes tipos de repositorios:

CodeQL includes many queries for analyzing Swift code. All queries in the default query suite are run by default. If you choose to use the security-extended query suite, additional queries are run. For more information, see CodeQL query suites.

Built-in queries for Swift analysis

This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.

Query nameRelated CWEsDefaultExtendedCopilot Autofix
Bad HTML filtering regexp116, 020, 185, 186
Cleartext logging of sensitive information312, 359, 532
Cleartext storage of sensitive information in a local database312
Cleartext storage of sensitive information in an application preference store312
Cleartext transmission of sensitive information319
Database query built from user-controlled sources089
Encryption using ECB327
Incomplete regular expression for hostnames020
Inefficient regular expression1333, 730, 400
Insecure TLS configuration757
Insufficient hash iterations916
Missing regular expression anchor020
Predicate built from user-controlled sources943
Regular expression injection730, 400
Resolving XML external entity in user-controlled data611, 776, 827
Static initialization vector for encryption329, 1204
String length conflation135
System command built from user-controlled sources078, 088
Uncontrolled data used in path expression022, 023, 036, 073, 099
Uncontrolled format string134
Unsafe WebView fetch079, 095, 749
Use of a broken or weak cryptographic hashing algorithm on sensitive data327, 328
Use of an inappropriate cryptographic hashing algorithm on passwords327, 328, 916
Use of constant salts760
JavaScript Injection094, 095, 749