Skip to content

Commit b498889

Browse files
GeekMasherGeekMasher
committed
fix: Update select statements in Grafana security queries for clarity
1 parent 357aa0e commit b498889

File tree

3 files changed

+3
-3
lines changed

3 files changed

+3
-3
lines changed

ql/src/security/CWE-352/GrafanaCsrfDisabled.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,6 @@ where
2626
security = configs.getSecurity() and
2727
security.hasCsrfAlwaysCheck() and
2828
security.csrfAlwaysCheck() = false
29-
select security,
29+
select security.getCsrfAlwaysCheck(),
3030
"CSRF protection (csrfAlwaysCheck) is explicitly disabled in Grafana configuration, " +
3131
"which can lead to cross-site request forgery attacks."

ql/src/security/Dashboards/GrafanaMissingZoneRedundancy.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,6 @@ where
2424
not props.hasZoneRedundancy() or
2525
props.zoneRedundancy() = "Disabled"
2626
)
27-
select grafana,
27+
select props.getZoneRedundancy(),
2828
"Grafana instance is configured without zone redundancy, which may reduce availability " +
2929
"in case of zone failures."

ql/test/queries-tests/security/Dashboards/GrafanaMissingZoneRedundancy/GrafanaMissingZoneRedundancy.expected

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
| app.bicep:6:1:15:1 | GrafanaResource | Grafana instance is configured without zone redundancy, which may reduce availability in case of zone failures. |
1+
| app.bicep:10:21:10:30 | String | Grafana instance is configured without zone redundancy, which may reduce availability in case of zone failures. |

0 commit comments

Comments
 (0)