Java: remove SpringBootActuators query #123
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR removes the Spring Boot Actuators query by deleting two files that define both test and configuration code for actuator endpoints, aligning the codebase with the updated CodeQL query suite.
- Removed test file for Spring Boot actuator security from java/test/security/CWE-016.
- Removed Spring Boot actuator configuration classes from java/src/security/CWE-016.
Reviewed Changes
Copilot reviewed 2 out of 7 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| java/test/security/CWE-016/SpringBootActuators.java | Removed test code for actuator endpoint security |
| java/src/security/CWE-016/SpringBootActuators.java | Removed actuator security configuration classes |
Files not reviewed (5)
- java/src/security/CWE-016/SpringBootActuators.qhelp: Language not supported
- java/src/security/CWE-016/SpringBootActuators.ql: Language not supported
- java/src/security/CWE-016/SpringBootActuators.qll: Language not supported
- java/test/security/CWE-016/SpringBootActuators.expected: Language not supported
- java/test/security/CWE-016/SpringBootActuators.qlref: Language not supported
Good question. It appears that this guide was merged around the time, where we added the experimental queries in the first place (at that time we didn't make any change notes). My best guess is that we don't need to add a change note (as this part of the documentation is dangling/unfinished). In any case, maybe ask in #codeql-community-packs on slack (the section in Contributing file should either be deleted or extended with the missing parts). |
Description
This PR removes the
githubsecuritylab/java/spring-boot-exposed-actuatorsquery. This query was added to the default code scanning query suite by github/codeql#18793 and released in CodeQL 2.21.0.I will make follow-up PRs to update package dependencies for 2.21.0 (draft PR) and to publish a new release.
Consideration
(cc @michaelnebel)