hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 16:56:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ql/src/Security/CWE-829/UnpinnedActionsTag.ql

Browse Source 
Co-authored-by: Alvaro Muñoz <pwntester@github.com>
This commit is contained in:
Kylie Stradley
2024-11-04 11:30:29 -05:00
committed by GitHub
parent 40ec9d623d
commit 5bf02e73ea
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ql/src/Security/CWE-829/UnpinnedActionsTag.ql
View File

@@ -18,7 +18,7 @@ private predicate isPinnedCommit(string version) { version.regexpMatch("^[A-Fa-f
bindingset[repo]
private predicate isTrustedOrg(string repo) {
exists(string org | org in ["actions", "github", "advanced-security"] | repo.matches(org + "/%"))
repo.matches(["actions", "github", "advanced-security"] + "/%"))
}
from UsesStep uses, string repo, string version, Workflow workflow, string name