Add full stop at the end of each reference

actions/ql/src/Security/CWE-077/EnvPathInjectionCritical.md

@@ -34,4 +34,4 @@ If an attacker can manipulate the value being set, such as through artifact down
 
 ## References
 
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).

actions/ql/src/Security/CWE-077/EnvPathInjectionMedium.md

@@ -34,4 +34,4 @@ If an attacker can manipulate the value being set, such as through artifact down
 
 ## References
 
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).

actions/ql/src/Security/CWE-077/EnvVarInjectionCritical.md

@@ -111,5 +111,5 @@ An attacker is be able to run arbitrary code by injecting environment variables
 
 ## References
 
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
-- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
+- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation).

actions/ql/src/Security/CWE-077/EnvVarInjectionMedium.md

@@ -111,5 +111,5 @@ An attacker would be able to run arbitrary code by injecting environment variabl
 
 ## References
 
-- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions)
-- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation)
+- [Workflow commands for GitHub Actions](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/workflow-commands-for-github-actions).
+- [GitHub Actions Exploitation: Repo Jacking and Environment Manipulation](https://www.synacktiv.com/publications/github-actions-exploitation-repo-jacking-and-environment-manipulation).

actions/ql/src/Security/CWE-1395/UseOfKnownVulnerableAction.md

@@ -8,4 +8,4 @@ Either remove the component from the workflow or upgrade it to a version that is
 
 ## References
 
-- [GitHub Docs: Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot)
+- [GitHub Docs: Keeping your actions up to date with Dependabot](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot).

actions/ql/src/Security/CWE-275/MissingActionsPermissions.md

@@ -36,4 +36,4 @@ jobs:
 
 ## References
 
-- [Assigning permissions to jobs](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/assigning-permissions-to-jobs)
+- [Assigning permissions to jobs](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/assigning-permissions-to-jobs).

actions/ql/src/Security/CWE-285/ImproperAccessControl.md

@@ -55,4 +55,4 @@ jobs:
 
 ## References
 
-- [Events that trigger workflows](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target)
+- [Events that trigger workflows](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request_target).

actions/ql/src/Security/CWE-312/ExcessiveSecretsExposure.md

@@ -46,5 +46,5 @@ env:
 
 ## References
 
-- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow)
-- [Job uses all secrets](https://github.com/boostsecurityio/poutine/blob/main/docs/content/en/rules/job_all_secrets.md)
+- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow).
+- [Job uses all secrets](https://github.com/boostsecurityio/poutine/blob/main/docs/content/en/rules/job_all_secrets.md).

actions/ql/src/Security/CWE-312/UnmaskedSecretExposure.md

@@ -32,4 +32,4 @@ Avoid defining non-plain secrets. For example, do not define a new secret contai
 
 ## References
 
-- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow)
+- [Using secrets in GitHub Actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions#using-encrypted-secrets-in-a-workflow).

actions/ql/src/Security/CWE-349/CachePoisoningViaCodeInjection.md

@@ -76,6 +76,6 @@ jobs:
 
 ## References
 
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).

actions/ql/src/Security/CWE-349/CachePoisoningViaDirectCache.md

@@ -121,6 +121,6 @@ jobs:
 
 ## References
 
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).

actions/ql/src/Security/CWE-349/CachePoisoningViaPoisonableStep.md

@@ -78,6 +78,6 @@ jobs:
 
 ## References
 
-- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/)
-- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows)
-- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/)
+- [The Monsters in Your Build Cache – GitHub Actions Cache Poisoning](https://adnanthekhan.com/2024/05/06/the-monsters-in-your-build-cache-github-actions-cache-poisoning/).
+- [GitHub Actions Caching Documentation](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows).
+- [Cache Poisoning in GitHub Actions](https://scribesecurity.com/blog/github-cache-poisoning/).

actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUCritical.md

@@ -97,4 +97,4 @@ jobs:
 
 ## References
 
-- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU)
+- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU).

actions/ql/src/Security/CWE-367/UntrustedCheckoutTOCTOUHigh.md

@@ -97,4 +97,4 @@ jobs:
 
 ## References
 
-- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU)
+- [ActionsTOCTOU](https://github.com/AdnaneKhan/ActionsTOCTOU).

actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueCritical.md

@@ -58,4 +58,4 @@ To avoid the vulnerability where an `if` condition always evaluates to `true`, i
 
 ## References
 
-- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173)
+- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173).

actions/ql/src/Security/CWE-571/ExpressionIsAlwaysTrueHigh.md

@@ -58,4 +58,4 @@ To avoid the vulnerability where an `if` condition always evaluates to `true`, i
 
 ## References
 
-- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173)
+- [Expression Always True Github Issue](https://github.com/actions/runner/issues/1173).

actions/ql/src/Security/CWE-829/ArtifactPoisoningCritical.md

@@ -67,4 +67,4 @@ jobs:
 
 ## References
 
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).

actions/ql/src/Security/CWE-829/ArtifactPoisoningMedium.md

@@ -67,4 +67,4 @@ jobs:
 
 ## References
 
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).

actions/ql/src/Security/CWE-829/UnpinnedActionsTag.md

@@ -22,4 +22,4 @@ Pinning an action to a full length commit SHA is currently the only way to use a
 
 ## References
 
-- [Using third-party actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
+- [Using third-party actions](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions).

actions/ql/src/Security/CWE-829/UntrustedCheckoutCritical.md

@@ -132,4 +132,4 @@ jobs:
 
 ## References
 
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).

actions/ql/src/Security/CWE-829/UntrustedCheckoutHigh.md

@@ -132,4 +132,4 @@ jobs:
 
 ## References
 
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).

actions/ql/src/Security/CWE-829/UntrustedCheckoutMedium.md

@@ -132,4 +132,4 @@ jobs:
 
 ## References
 
-- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
+- [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/).

actions/ql/src/Violations Of Best Practice/CodeQL/UnnecessaryUseOfAdvancedConfig.md

@@ -8,4 +8,4 @@ If there is no reason to have a custom configuration switch to the CodeQL defaul
 
 ## References
 
-- [GitHub Docs: Configuring Default Setup for a repository](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#configuring-default-setup-for-a-repository)
+- [GitHub Docs: Configuring Default Setup for a repository](https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#configuring-default-setup-for-a-repository).

actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionCritical.md

@@ -33,7 +33,7 @@ An attacker may set the body of an Issue comment to `BAR/g;1e whoami;#` and the
 
 ## References
 
-- [Common Weakness Enumeration: CWE-88](https://cwe.mitre.org/data/definitions/88.html).
-- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/)
-- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/)
-- [GTFOBins](https://gtfobins.github.io/)
+- Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).
+- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/).
+- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/).
+- [GTFOBins](https://gtfobins.github.io/).

actions/ql/src/experimental/Security/CWE-088/ArgumentInjectionMedium.md

@@ -33,7 +33,7 @@ An attacker may set the body of an Issue comment to `BAR|g;1e whoami;#` and the
 
 ## References
 
-- [Common Weakness Enumeration: CWE-88](https://cwe.mitre.org/data/definitions/88.html).
-- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/)
-- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/)
-- [GTFOBins](https://gtfobins.github.io/)
+- Common Weakness Enumeration: [CWE-88](https://cwe.mitre.org/data/definitions/88.html).
+- [Argument Injection Explained](https://sonarsource.github.io/argument-injection-vectors/explained/).
+- [Argument Injection Vectors](https://sonarsource.github.io/argument-injection-vectors/).
+- [GTFOBins](https://gtfobins.github.io/).

actions/ql/src/experimental/Security/CWE-829/UnversionedImmutableAction.md

@@ -23,4 +23,4 @@ For internal users: when using [immutable actions](https://github.com/github/pac
 
 ## References
 
-- [Consuming immutable actions]()
+- [Consuming immutable actions]().

docs/query-help-style-guide.md

@@ -242,8 +242,8 @@ tab width settings cannot be taken into account.
 
 ## References
 
-* Java SE Documentation: [Compound Statements](https://www.oracle.com/java/technologies/javase/codeconventions-statements.html#15395)
-* Wikipedia: [Indentation style](https://en.wikipedia.org/wiki/Indentation_style)
+* Java SE Documentation: [Compound Statements](https://www.oracle.com/java/technologies/javase/codeconventions-statements.html#15395).
+* Wikipedia: [Indentation style](https://en.wikipedia.org/wiki/Indentation_style).
 ````
 
 ### XML example

ruby/ql/src/queries/variables/UninitializedLocal.md

@@ -38,5 +38,5 @@ end
 
 ## References
 
-- https://www.rubyguides.com/: [Nil](https://www.rubyguides.com/2018/01/ruby-nil/)
-- https://ruby-doc.org/: [NoMethodError](https://ruby-doc.org/core-2.6.5/NoMethodError.html)
+- https://www.rubyguides.com/: [Nil](https://www.rubyguides.com/2018/01/ruby-nil/).
+- https://ruby-doc.org/: [NoMethodError](https://ruby-doc.org/core-2.6.5/NoMethodError.html).