diff --git a/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml b/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml new file mode 100644 index 00000000000..2e8a6683a57 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["0xpolygon/polygon-edge/.github/workflows/loadtest.yml", "*", "inputs.scenario", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml b/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml new file mode 100644 index 00000000000..55533f12312 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["8vim/8vim/.github/workflows/publish.yaml", "*", "inputs.version_code", "code-injection", "generated"] + - ["8vim/8vim/.github/workflows/publish.yaml", "*", "inputs.version_name", "code-injection", "generated"] + - ["8vim/8vim/.github/workflows/bump-version.yaml", "*", "inputs.message", "code-injection", "generated"] + - ["8vim/8vim/.github/workflows/build.yaml", "*", "inputs.target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml b/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml new file mode 100644 index 00000000000..a14d41a15b9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "inputs.base-pr-branch", "code-injection", "generated"] + - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "inputs.head-pr-branch", "code-injection", "generated"] + - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "inputs.reference-files", "code-injection", "generated"] + - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "inputs.target-folder", "code-injection", "generated"] + - ["actions/reusable-workflows/.github/workflows/codeql-analysis.yml", "*", "inputs.build-command", "code-injection", "generated"] + - ["actions/reusable-workflows/.github/workflows/check-dist.yml", "*", "inputs.dist-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml b/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml new file mode 100644 index 00000000000..0888318ad93 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["adap/flower/.github/workflows/_docker-build.yml", "*", "inputs.namespace-repository", "code-injection", "generated"] + - ["adap/flower/.github/workflows/_docker-build.yml", "*", "inputs.file-dir", "code-injection", "generated"] + - ["adap/flower/.github/workflows/_docker-build.yml", "*", "inputs.build-args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml b/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml new file mode 100644 index 00000000000..6ea6dcdab70 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["aio-libs/multidict/.github/workflows/reusable-build-wheel.yml", "*", "inputs.wheel-tags-to-skip", "code-injection", "generated"] + - ["aio-libs/multidict/.github/workflows/reusable-build-wheel.yml", "*", "inputs.qemu", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml b/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml new file mode 100644 index 00000000000..2c18a166cc1 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["aio-libs/yarl/.github/workflows/reusable-build-wheel.yml", "*", "inputs.wheel-tags-to-skip", "code-injection", "generated"] + - ["aio-libs/yarl/.github/workflows/reusable-build-wheel.yml", "*", "inputs.qemu", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml b/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml new file mode 100644 index 00000000000..f065947dbdc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["airbytehq/airbyte/.github/workflows/connector-performance-command.yml", "*", "inputs.connector", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml new file mode 100644 index 00000000000..438525e77e2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["alphagov/collections/.github/workflows/pact-verify.yml", "*", "inputs.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml new file mode 100644 index 00000000000..ca3111ad03a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["alphagov/frontend/.github/workflows/pact-verify.yml", "*", "inputs.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml new file mode 100644 index 00000000000..1e09e05e8b6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["alphagov/publishing-api/.github/workflows/pact-verify.yml", "*", "inputs.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml new file mode 100644 index 00000000000..ad061ca714d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["apache/druid/.github/workflows/reusable-unit-tests.yml", "*", "inputs.module", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-unit-tests.yml", "*", "inputs.jdk", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-unit-tests.yml", "*", "inputs.sql_compatibility", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-standard-its.yml", "*", "inputs.override_config_path", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-standard-its.yml", "*", "inputs.testing_groups", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-standard-its.yml", "*", "inputs.use_indexer", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-standard-its.yml", "*", "inputs.runtime_jdk", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-revised-its.yml", "*", "inputs.it", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-revised-its.yml", "*", "inputs.script", "code-injection", "generated"] + - ["apache/druid/.github/workflows/reusable-revised-its.yml", "*", "inputs.build_jdk", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml new file mode 100644 index 00000000000..3a721a0f2cf --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["apache/flink/.github/workflows/template.flink-ci.yml", "*", "inputs.environment", "code-injection", "generated"] + - ["apache/flink/.github/workflows/template.flink-ci.yml", "*", "inputs.workflow-caller-id", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml new file mode 100644 index 00000000000..bdabbb9ab60 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["apache/spark/.github/workflows/build_and_test.yml", "*", "inputs.branch", "code-injection", "generated"] + - ["apache/spark/.github/workflows/build_and_test.yml", "*", "inputs.jobs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml b/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml new file mode 100644 index 00000000000..6d8438462a8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["argilla-io/argilla/.github/workflows/run-python-tests.yml", "*", "inputs.pytestArgs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml new file mode 100644 index 00000000000..6d7bf7af0c2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["argoproj/argo-cd/.github/workflows/image-reuse.yaml", "*", "inputs.docker_image_name", "code-injection", "generated"] + - ["argoproj/argo-cd/.github/workflows/image-reuse.yaml", "*", "inputs.ghcr_image_name", "code-injection", "generated"] + - ["argoproj/argo-cd/.github/workflows/image-reuse.yaml", "*", "inputs.quay_image_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml new file mode 100644 index 00000000000..b3b198fbf65 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["argoproj/argo-rollouts/.github/workflows/image-reuse.yaml", "*", "inputs.docker_image_name", "code-injection", "generated"] + - ["argoproj/argo-rollouts/.github/workflows/image-reuse.yaml", "*", "inputs.ghcr_image_name", "code-injection", "generated"] + - ["argoproj/argo-rollouts/.github/workflows/image-reuse.yaml", "*", "inputs.quay_image_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml b/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml new file mode 100644 index 00000000000..9c3ae9bf194 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["aws-amplify/amplify-ui/.github/workflows/reusable-tagged-publish.yml", "*", "inputs.dist-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml b/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml new file mode 100644 index 00000000000..68a85006c6c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["azure/apiops/tools/github_workflows/run-publisher-with-env.yaml", "*", "inputs.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml b/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml new file mode 100644 index 00000000000..ee336ee076c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["azure/mlops-templates/.github/workflows/tf-gha-install-terraform.yml", "*", "inputs.terraform_workingdir", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/run-pipeline.yml", "*", "inputs.parameters-file", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/run-pipeline.yml", "*", "inputs.workspace_name", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/run-pipeline.yml", "*", "inputs.resource_group", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/register-environment.yml", "*", "inputs.dockerfile-location", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/register-environment.yml", "*", "inputs.environment_file", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/register-environment.yml", "*", "inputs.workspace_name", "code-injection", "generated"] + - ["azure/mlops-templates/.github/workflows/register-environment.yml", "*", "inputs.resource_group", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml new file mode 100644 index 00000000000..3d3f727923a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "inputs.git-user-email", "code-injection", "generated"] + - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "inputs.git-user-name", "code-injection", "generated"] + - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "inputs.track", "code-injection", "generated"] + - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "inputs.package-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml new file mode 100644 index 00000000000..f18d1e4c50a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "inputs.git-user-email", "code-injection", "generated"] + - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "inputs.git-user-name", "code-injection", "generated"] + - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "inputs.track", "code-injection", "generated"] + - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "inputs.package-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml new file mode 100644 index 00000000000..21db2585a5e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bbq-beets/yujincat-action/.github/workflows/test-referInputs.yml", "*", "inputs.shell", "code-injection", "generated"] + - ["bbq-beets/yujincat-action/.github/workflows/test-referInputs.yml", "*", "inputs.environment", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml b/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml new file mode 100644 index 00000000000..3f263608c21 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bdunderscore/modular-avatar/.github/workflows/build-test-docs.yml", "*", "inputs.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml b/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml new file mode 100644 index 00000000000..017d0bc89f5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["benc-uk/workflow-dispatch/.github/workflows/echo-3.yaml", "*", "inputs.message", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml b/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml new file mode 100644 index 00000000000..1a38d6b35ad --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bridgecrewio/checkov/tests/github_actions/resources/.github/workflows/docker-slsa.yaml", "*", "inputs.REGISTRY", "code-injection", "generated"] + - ["bridgecrewio/checkov/tests/github_actions/resources/.github/workflows/docker-slsa.yaml", "*", "inputs.IMAGE_NAME", "code-injection", "generated"] + - ["bridgecrewio/checkov/tests/github_actions/resources/.github/workflows/docker-slsa.yaml", "*", "inputs.IMAGE_TAG", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml b/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml new file mode 100644 index 00000000000..339d7b1dd0a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bugsnag/bugsnag-ruby/.github/workflows/run-maze-runner.yml", "*", "inputs.features", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml b/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml new file mode 100644 index 00000000000..ff0f83454c2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml @@ -0,0 +1,22 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.the_path", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.last_commit", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.binary_name_stem", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamrc.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamrc.yml", "*", "inputs.runner", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_vscode_ext.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_sdk.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_sdk.yml", "*", "inputs.runner", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_sdk.yml", "*", "inputs.config_file", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_sdk.yml", "*", "inputs.wasi_sdk_url", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_sdk.yml", "*", "inputs.wamr_app_framework_url", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_lldb.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_lldb.yml", "*", "inputs.runner", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_wamr_lldb.yml", "*", "inputs.wasi_sdk_url", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_llvm_libraries.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_llvm_libraries.yml", "*", "inputs.os", "code-injection", "generated"] + - ["bytecodealliance/wasm-micro-runtime/.github/workflows/build_iwasm_release.yml", "*", "inputs.ver_num", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml b/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml new file mode 100644 index 00000000000..c07d2aba0b6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["celo-org/celo-blockchain/.github/workflows/add-docker-tag.yaml", "*", "inputs.destination-tag", "code-injection", "generated"] + - ["celo-org/celo-blockchain/.github/workflows/add-docker-tag.yaml", "*", "inputs.origin-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml b/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml new file mode 100644 index 00000000000..77a7eaae309 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cemu-project/cemu/.github/workflows/build.yml", "*", "inputs.experimentalversion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml b/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml new file mode 100644 index 00000000000..09299774b6a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml @@ -0,0 +1,29 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cesiumgs/cesium-unreal/.github/workflows/testWindows.yml", "*", "inputs.unreal-program-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testWindows.yml", "*", "inputs.test-package-base-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testPackageOnWindows.yml", "*", "inputs.unreal-program-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testPackageOnWindows.yml", "*", "inputs.unreal-engine-association", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testPackageOnWindows.yml", "*", "inputs.test-package-base-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testPackageOnWindows.yml", "*", "inputs.visual-studio-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/testPackageOnWindows.yml", "*", "inputs.visual-studio-components", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildiOS.yml", "*", "inputs.unreal-engine-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildiOS.yml", "*", "inputs.unreal-program-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildiOS.yml", "*", "inputs.upload-package-base-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.unreal-engine-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.cmake-generator", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.cmake-platform", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.cmake-toolchain", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.upload-package-base-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.unreal-program-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.extra-choco-packages", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.visual-studio-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildWindows.yml", "*", "inputs.visual-studio-components", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildMac.yml", "*", "inputs.unreal-engine-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildMac.yml", "*", "inputs.unreal-program-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildMac.yml", "*", "inputs.upload-package-base-name", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildLinux.yml", "*", "inputs.unreal-engine-version", "code-injection", "generated"] + - ["cesiumgs/cesium-unreal/.github/workflows/buildLinux.yml", "*", "inputs.clang-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml b/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml new file mode 100644 index 00000000000..028210d4eac --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cgal/cgal/.github/workflows/send_email.yml", "*", "inputs.message", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml b/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml new file mode 100644 index 00000000000..2ea83d9d94b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["checkstyle/checkstyle/.github/workflows/release-upload-all-jar.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-update-xdoc-with-releasenotes.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-update-github-page.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-update-github-io.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-publish-releasenotes-twitter.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-new-milestone-and-issues-in-other-repos.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-maven-prepare.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-maven-perform.yml", "*", "inputs.version", "code-injection", "generated"] + - ["checkstyle/checkstyle/.github/workflows/release-copy-github-io-to-sourceforge.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml b/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml new file mode 100644 index 00000000000..69f1b740c96 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["chia-network/actions/.github/workflows/docker-build.yaml", "*", "inputs.docker-context", "code-injection", "generated"] + - ["chia-network/actions/.github/workflows/docker-build.yaml", "*", "inputs.image_subpath", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml b/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml new file mode 100644 index 00000000000..61af1d32441 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["chipsalliance/chisel/.github/workflows/test.yml", "*", "inputs.scala", "code-injection", "generated"] + - ["chipsalliance/chisel/.github/workflows/test.yml", "*", "inputs.circt", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml b/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml new file mode 100644 index 00000000000..1532fc723aa --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "inputs.test_name", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "inputs.run_command", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "inputs.working-directory", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "inputs.additional_envs", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_simple_job.yml", "*", "inputs.test_name", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_simple_job.yml", "*", "inputs.run_command", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_simple_job.yml", "*", "inputs.working-directory", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_simple_job.yml", "*", "inputs.additional_envs", "code-injection", "generated"] + - ["clickhouse/clickhouse/.github/workflows/reusable_docker.yml", "*", "inputs.set_latest", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml new file mode 100644 index 00000000000..f4a7cd26183 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cloudfoundry/cli/.github/workflows/tests-integration-reusable.yml", "*", "inputs.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml b/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml new file mode 100644 index 00000000000..119bfeaa796 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cocotb/cocotb/.github/workflows/regression-tests.yml", "*", "inputs.nox_session_test_sim", "code-injection", "generated"] + - ["cocotb/cocotb/.github/workflows/regression-tests.yml", "*", "inputs.nox_session_test_nosim", "code-injection", "generated"] + - ["cocotb/cocotb/.github/workflows/regression-tests.yml", "*", "inputs.group", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml b/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml new file mode 100644 index 00000000000..10ea343b7aa --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["codeigniter4/codeigniter4/.github/workflows/reusable-serviceless-phpunit-test.yml", "*", "inputs.extra-composer-options", "code-injection", "generated"] + - ["codeigniter4/codeigniter4/.github/workflows/reusable-serviceless-phpunit-test.yml", "*", "inputs.php-version", "code-injection", "generated"] + - ["codeigniter4/codeigniter4/.github/workflows/reusable-phpunit-test.yml", "*", "inputs.extra-composer-options", "code-injection", "generated"] + - ["codeigniter4/codeigniter4/.github/workflows/reusable-phpunit-test.yml", "*", "inputs.php-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml b/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml new file mode 100644 index 00000000000..6310b7155d3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["com-lihaoyi/mill/.github/workflows/run-mill-action.yml", "*", "inputs.millargs", "code-injection", "generated"] + - ["com-lihaoyi/mill/.github/workflows/run-mill-action.yml", "*", "inputs.buildcmd", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml b/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml new file mode 100644 index 00000000000..a1de7e9a8f9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml @@ -0,0 +1,17 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.upgrade-plan-name", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.chain-upgrade-tag", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.relayer-type", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.relayer-tag", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.relayer-image", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.chain-b-tag", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.chain-a-tag", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.chain-image", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.test", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "inputs.test-entry-point", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-compatibility-workflow-call.yaml", "*", "inputs.test-suite", "code-injection", "generated"] + - ["cosmos/ibc-go/.github/workflows/e2e-compatibility-workflow-call.yaml", "*", "inputs.test-file-directory", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml b/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml new file mode 100644 index 00000000000..d6e334573e4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["crowdsecurity/crowdsec/.github/workflows/publish-docker.yml", "*", "inputs.latest", "code-injection", "generated"] + - ["crowdsecurity/crowdsec/.github/workflows/publish-docker.yml", "*", "inputs.image_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml b/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml new file mode 100644 index 00000000000..eeff97a8aea --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["cryptomator/cryptomator/.github/workflows/get-version.yml", "*", "inputs.version", "code-injection", "generated"] + - ["cryptomator/cryptomator/.github/workflows/av-whitelist.yml", "*", "inputs.url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml b/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml new file mode 100644 index 00000000000..34ffd6788b1 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["daeuniverse/dae/.github/workflows/seed-build.yml", "*", "inputs.pr-number", "code-injection", "generated"] + - ["daeuniverse/dae/.github/workflows/seed-build.yml", "*", "inputs.build-type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml b/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml new file mode 100644 index 00000000000..8ee00d47f79 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dafny-lang/dafny/.github/workflows/publish-release-reusable.yml", "*", "inputs.name", "code-injection", "generated"] + - ["dafny-lang/dafny/.github/workflows/publish-release-reusable.yml", "*", "inputs.tag_name", "code-injection", "generated"] + - ["dafny-lang/dafny/.github/workflows/integration-tests-reusable.yml", "*", "inputs.all_platforms", "code-injection", "generated"] + - ["dafny-lang/dafny/.github/workflows/integration-tests-reusable.yml", "*", "inputs.num_shards", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml b/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml new file mode 100644 index 00000000000..40b35b5c873 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dagger/dagger/.github/workflows/_hack_make.yml", "*", "inputs.mage-targets", "code-injection", "generated"] + - ["dagger/dagger/.github/workflows/_hack_make.yml", "*", "inputs.dev-engine", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml b/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml new file mode 100644 index 00000000000..c02368b5d51 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dash-industry-forum/dash.js/.github/workflows/deploy.yml", "*", "inputs.deploy_path", "code-injection", "generated"] + - ["dash-industry-forum/dash.js/.github/workflows/deploy.yml", "*", "inputs.envname", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml new file mode 100644 index 00000000000..61b3e84b29e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["datadog/dd-trace-go/.github/workflows/smoke-tests.yml", "*", "inputs.go-libddwaf-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml new file mode 100644 index 00000000000..72e4a3eec65 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["datadog/dd-trace-py/.github/workflows/lib-inject-publish.yml", "*", "inputs.ddtrace-version", "code-injection", "generated"] + - ["datadog/dd-trace-py/.github/workflows/build-and-publish-image.yml", "*", "inputs.context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml b/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml new file mode 100644 index 00000000000..5e875442771 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["datafuselabs/databend/.github/workflows/reuse.benchmark.yml", "*", "inputs.run_id", "code-injection", "generated"] + - ["datafuselabs/databend/.github/workflows/reuse.benchmark.yml", "*", "inputs.source_id", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml new file mode 100644 index 00000000000..991743df7d2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.s3_bucket_name", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.build_script_path", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.nightly_release", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.test_run", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.env_setup_script_path", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.target_branch", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.sha", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.package_test_command", "code-injection", "generated"] + - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "inputs.version_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml new file mode 100644 index 00000000000..780d95fab47 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "inputs.nightly_release", "code-injection", "generated"] + - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "inputs.test_run", "code-injection", "generated"] + - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "inputs.target_branch", "code-injection", "generated"] + - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "inputs.version_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml new file mode 100644 index 00000000000..cf69379583d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.s3_bucket_name", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.build_script_path", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.nightly_release", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.test_run", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.env_setup_script_path", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.target_branch", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.sha", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.package_test_command", "code-injection", "generated"] + - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "inputs.version_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml b/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml new file mode 100644 index 00000000000..211fe546e28 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["decidim/decidim/.github/workflows/test_app.yml", "*", "inputs.test_command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml b/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml new file mode 100644 index 00000000000..d59258ce992 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["defectdojo/django-defectdojo/.github/workflows/release-x-manual-helm-chart.yml", "*", "inputs.release_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml b/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml new file mode 100644 index 00000000000..43f5349bf3c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dependencytrack/dependency-track/.github/workflows/_meta-build.yaml", "*", "inputs.app-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml b/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml new file mode 100644 index 00000000000..d6ef60a9698 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["devexpress/testcafe/.github/workflows/test-server.yml", "*", "inputs.test-script", "code-injection", "generated"] + - ["devexpress/testcafe/.github/workflows/test-functional.yml", "*", "inputs.test-script", "code-injection", "generated"] + - ["devexpress/testcafe/.github/workflows/test-functional.yml", "*", "inputs.display", "code-injection", "generated"] + - ["devexpress/testcafe/.github/workflows/test-functional.yml", "*", "inputs.matrix-jobs-count", "code-injection", "generated"] + - ["devexpress/testcafe/.github/workflows/test-client.yml", "*", "inputs.test-script", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml b/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml new file mode 100644 index 00000000000..1d41854bf71 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml @@ -0,0 +1,18 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dfhack/dfhack/.github/workflows/build-windows.yml", "*", "inputs.artifact-name", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-windows.yml", "*", "inputs.append-date-and-hash", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.artifact-name", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.append-date-and-hash", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.common-files", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.xml-dump-type-sizes", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.tests", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.docs", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.extras", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.stonesense", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.platform-files", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.launchdf", "code-injection", "generated"] + - ["dfhack/dfhack/.github/workflows/build-linux.yml", "*", "inputs.gcc-ver", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml b/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml new file mode 100644 index 00000000000..9f64a59aead --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["docker/build-push-action/.github/workflows/.e2e-run.yml", "*", "inputs.id", "code-injection", "generated"] + - ["docker/build-push-action/.github/workflows/.e2e-run.yml", "*", "inputs.type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml b/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml new file mode 100644 index 00000000000..69cb39e5e55 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["dragonwell-project/dragonwell11/.github/workflows/test.yml", "*", "inputs.platform", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml b/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml new file mode 100644 index 00000000000..a66e2a2cca5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml @@ -0,0 +1,22 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "inputs.BINARY", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "inputs.SUDO", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "inputs.TARGET_NAME", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "inputs.EXTRA_ARGS", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "inputs.BUILT_EARTHLY_PATH", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-main.yml", "*", "inputs.BINARY", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-wait-block-main.yml", "*", "inputs.SUDO", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test.yml", "*", "inputs.BINARY", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test.yml", "*", "inputs.SUDO", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test.yml", "*", "inputs.EXTRA_ARGS", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test.yml", "*", "inputs.BUILT_EARTHLY_PATH", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test.yml", "*", "inputs.TEST_TARGET", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test-local.yml", "*", "inputs.BINARY", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test-local.yml", "*", "inputs.SUDO", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test-local.yml", "*", "inputs.BINARY_COMPOSE", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test-local.yml", "*", "inputs.RUN_EARTHLY_TEST_ARGS", "code-injection", "generated"] + - ["earthly/earthly/.github/workflows/reusable-test-local.yml", "*", "inputs.BUILT_EARTHLY_PATH", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml new file mode 100644 index 00000000000..ca3eeca8df7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["eclipse-vertx/vert.x/.github/workflows/ci.yml", "*", "inputs.profile", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml new file mode 100644 index 00000000000..b95ce03ed3a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["eclipse-vertx/vertx-sql-client/.github/workflows/ci.yml", "*", "inputs.profile", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml b/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml new file mode 100644 index 00000000000..326d4391ecb --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["elastic/elasticsearch-net/.github/workflows/release.yml", "*", "inputs.solution", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml b/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml new file mode 100644 index 00000000000..849a531cd7b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["element-hq/element-desktop/.github/workflows/build_windows.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "inputs.config", "code-injection", "generated"] + - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["element-hq/element-desktop/.github/workflows/build_macos.yaml", "*", "inputs.base-url", "code-injection", "generated"] + - ["element-hq/element-desktop/.github/workflows/build_macos.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["element-hq/element-desktop/.github/workflows/build_linux.yaml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml b/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml new file mode 100644 index 00000000000..835bbf4cf89 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["etcd-io/bbolt/.github/workflows/robustness_template.yaml", "*", "inputs.testTimeout", "code-injection", "generated"] + - ["etcd-io/bbolt/.github/workflows/robustness_template.yaml", "*", "inputs.count", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml b/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml new file mode 100644 index 00000000000..453c3cd06f3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["etcd-io/etcd/.github/workflows/tests-template.yaml", "*", "inputs.arch", "code-injection", "generated"] + - ["etcd-io/etcd/.github/workflows/robustness-template.yaml", "*", "inputs.scenario", "code-injection", "generated"] + - ["etcd-io/etcd/.github/workflows/robustness-template.yaml", "*", "inputs.testTimeout", "code-injection", "generated"] + - ["etcd-io/etcd/.github/workflows/robustness-template.yaml", "*", "inputs.count", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml b/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml new file mode 100644 index 00000000000..32e6124c06e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["eventstore/eventstore/.github/workflows/build-reusable.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["eventstore/eventstore/.github/workflows/build-container-reusable.yml", "*", "inputs.container-runtime", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml b/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml new file mode 100644 index 00000000000..09177714b08 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["expensify/app/.github/workflows/e2ePerformanceTests.yml", "*", "inputs.PR_NUMBER", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml b/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml new file mode 100644 index 00000000000..78243b4c6d7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["external-secrets/external-secrets/.github/workflows/publish.yml", "*", "inputs.image-tag", "code-injection", "generated"] + - ["external-secrets/external-secrets/.github/workflows/publish.yml", "*", "inputs.tag-suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml b/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml new file mode 100644 index 00000000000..6e69fb89fc8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["facebook/create-react-app/.github/workflows/e2e-base.yml", "*", "inputs.testScript", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml b/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml new file mode 100644 index 00000000000..fee19d65a09 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "inputs.aws_s3_cp_extra_args", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "inputs.s3_path", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "inputs.filter", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "inputs.artifact_tag", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_pip.yml", "*", "inputs.filter", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_pip.yml", "*", "inputs.artifact_tag", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_upload_pip.yml", "*", "inputs.pypirc", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_build.yml", "*", "inputs.cuda_short_version", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/wheels_build.yml", "*", "inputs.torch_version", "code-injection", "generated"] + - ["facebookresearch/xformers/.github/workflows/linters_reusable.yml", "*", "inputs.pre-script", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml b/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml new file mode 100644 index 00000000000..51b58ab74f5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["falcosecurity/falco/.github/workflows/reusable_build_packages.yaml", "*", "inputs.build_type", "code-injection", "generated"] + - ["falcosecurity/falco/.github/workflows/reusable_build_packages.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["falcosecurity/falco/.github/workflows/reusable_test_packages.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["falcosecurity/falco/.github/workflows/reusable_test_packages.yaml", "*", "inputs.arch", "code-injection", "generated"] + - ["falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["falcosecurity/falco/.github/workflows/reusable_publish_packages.yaml", "*", "inputs.bucket_suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml b/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml new file mode 100644 index 00000000000..5a53b788312 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["fastify/fastify/.github/workflows/citgm-package.yml", "*", "inputs.package", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml b/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml new file mode 100644 index 00000000000..579e295213b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["ferretdb/ferretdb/.github/workflows/_integration.yml", "*", "inputs.task", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml b/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml new file mode 100644 index 00000000000..bc8133b907c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["filecoin-project/venus/.github/workflows/common_go.yml", "*", "inputs.test_timeout", "code-injection", "generated"] + - ["filecoin-project/venus/.github/workflows/common_go.yml", "*", "inputs.log_level", "code-injection", "generated"] + - ["filecoin-project/venus/.github/workflows/common_build_upload.yml", "*", "inputs.bin_name", "code-injection", "generated"] + - ["filecoin-project/venus/.github/workflows/common_build_upload.yml", "*", "inputs.has_ffi", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml b/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml new file mode 100644 index 00000000000..232c6abb3f3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml @@ -0,0 +1,19 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "inputs.triggered_by_callable", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "inputs.package_version_number", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "inputs.base_branch", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "inputs.cpp_release_version", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.platforms", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.runIntegrationTests", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.apis", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.working_branch", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.release_label", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/package.yml", "*", "inputs.create_new_branch", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/build_windows.yml", "*", "inputs.apis", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/build_tvos.yml", "*", "inputs.apis", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/build_macos.yml", "*", "inputs.apis", "code-injection", "generated"] + - ["firebase/firebase-unity-sdk/.github/workflows/build_linux.yml", "*", "inputs.apis", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml b/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml new file mode 100644 index 00000000000..8a7d3c60c45 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["flarum/framework/.github/workflows/REUSABLE_backend.yml", "*", "inputs.monorepo_tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml b/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml new file mode 100644 index 00000000000..a1e523d92ce --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["fluent/fluent-bit/.github/workflows/call-windows-unit-tests.yaml", "*", "inputs.unstable", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.the_path", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.last_commit", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/reuse_latest_release_binaries.yml", "*", "inputs.binary_name_stem", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/build_wamrc.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/build_wamrc.yml", "*", "inputs.runner", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/build_wamr_vscode_ext.yml", "*", "inputs.ver_num", "code-injection", "generated"] + - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/build_wamr_sdk.yml", "*", "inputs.ver_num", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml b/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml new file mode 100644 index 00000000000..22729c980de --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["flux-iac/tofu-controller/.github/workflows/targeted-test.yaml", "*", "inputs.pattern", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml b/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml new file mode 100644 index 00000000000..e242d38bdbe --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["flyteorg/flyte/.github/workflows/publish.yml", "*", "inputs.before-build", "code-injection", "generated"] + - ["flyteorg/flyte/.github/workflows/integration.yml", "*", "inputs.component", "code-injection", "generated"] + - ["flyteorg/flyte/.github/workflows/component_docker_build.yml", "*", "inputs.component", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml b/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml new file mode 100644 index 00000000000..f9c6658f5b8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["foundatiofx/foundatio/.github/workflows/build-workflow.yml", "*", "inputs.org", "code-injection", "generated"] + - ["foundatiofx/foundatio/.github/workflows/build-workflow.yml", "*", "inputs.solution", "code-injection", "generated"] + - ["foundatiofx/foundatio/.github/workflows/build-workflow.yml", "*", "inputs.compose-command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml b/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml new file mode 100644 index 00000000000..798c6bcc37a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["freecad/freecad/.github/workflows/sub_wrapup.yml", "*", "inputs.previousSteps", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml b/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml new file mode 100644 index 00000000000..687db46824a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["getpelican/pelican/.github/workflows/github_pages.yml", "*", "inputs.output-path", "code-injection", "generated"] + - ["getpelican/pelican/.github/workflows/github_pages.yml", "*", "inputs.settings", "code-injection", "generated"] + - ["getpelican/pelican/.github/workflows/github_pages.yml", "*", "inputs.requirements", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml b/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml new file mode 100644 index 00000000000..8a13569af7c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["getporter/porter/.github/workflows/build_pipelinesrelease_template.yml", "*", "inputs.registry", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml new file mode 100644 index 00000000000..453eb862b94 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["getsentry/sentry-dart/.github/workflows/analyze.yml", "*", "inputs.panaThreshold", "code-injection", "generated"] + - ["getsentry/sentry-dart/.github/workflows/analyze.yml", "*", "inputs.sdk", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml new file mode 100644 index 00000000000..37074688f17 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["getsentry/sentry-unity/.github/workflows/sdk.yml", "*", "inputs.target", "code-injection", "generated"] + - ["getsentry/sentry-unity/.github/workflows/android-smoke-test.yml", "*", "inputs.api-level", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml b/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml new file mode 100644 index 00000000000..2e1835cadca --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["gitpod-io/gitpod/.github/workflows/jetbrains-auto-update-template.yml", "*", "inputs.productId", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml b/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml new file mode 100644 index 00000000000..924f5eb157c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["gittools/gitversion/.github/workflows/_artifacts_linux.yml", "*", "inputs.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml new file mode 100644 index 00000000000..1244f76cbf1 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["googlecloudplatform/magic-modules/.github/workflows/build-downstream.yml", "*", "inputs.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml new file mode 100644 index 00000000000..94c6c81d33e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["googlecloudplatform/nodejs-docs-samples/.github/workflows/test.yaml", "*", "inputs.path", "code-injection", "generated"] + - ["googlecloudplatform/nodejs-docs-samples/.github/workflows/test.yaml", "*", "inputs.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml b/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml new file mode 100644 index 00000000000..c5f5fc4b29d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["gravitational/teleport/.github/workflows/update-ami-ids.yaml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml b/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml new file mode 100644 index 00000000000..506dd2b9fee --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["gravitl/netmaker/.github/workflows/publish-docker.yml", "*", "inputs.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml b/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml new file mode 100644 index 00000000000..4a81c585259 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["h2oai/wave/.github/workflows/wave-bundle-docker-build-publish.yaml", "*", "inputs.build-version", "code-injection", "generated"] + - ["h2oai/wave/.github/workflows/wave-bundle-docker-build-publish.yaml", "*", "inputs.wave-app-name", "code-injection", "generated"] + - ["h2oai/wave/.github/workflows/wave-bundle-docker-build-publish.yaml", "*", "inputs.working-directory", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml b/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml new file mode 100644 index 00000000000..d62c86e1129 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hadashia/vcontainer/.github/workflows/update-version-number.yaml", "*", "inputs.dry-run", "code-injection", "generated"] + - ["hadashia/vcontainer/.github/workflows/update-version-number.yaml", "*", "inputs.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml new file mode 100644 index 00000000000..8aedf9000a0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/boundary/.github/workflows/test-cli-ui_oss.yml", "*", "inputs.artifact-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml new file mode 100644 index 00000000000..b14f14538b8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/consul/.github/workflows/reusable-unit.yml", "*", "inputs.package-names-command", "code-injection", "generated"] + - ["hashicorp/consul/.github/workflows/reusable-unit.yml", "*", "inputs.go-test-flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml new file mode 100644 index 00000000000..3129cac8979 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/terraform-cdk/.github/workflows/unit.yml", "*", "inputs.package", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.gitUser", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.gitEmail", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.providerFqn", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.parallelConversionsPerDocument", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.parallelFileConversions", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.languages", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.cdktfRegistryDocsVersion", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.files", "code-injection", "generated"] + - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "inputs.maxRunners", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml new file mode 100644 index 00000000000..a23f69909c7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/terraform-provider-tfe/.github/workflows/jira-issue-sync.yml", "*", "inputs.issue-extra-fields", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml new file mode 100644 index 00000000000..cd91f58c7ec --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "inputs.product-version", "code-injection", "generated"] + - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "inputs.package-name", "code-injection", "generated"] + - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "inputs.goarch", "code-injection", "generated"] + - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "inputs.goos", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml new file mode 100644 index 00000000000..f9b7785cab9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml @@ -0,0 +1,16 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "inputs.sample-max", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "inputs.sample-name", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "inputs.vault-edition", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "inputs.vault-version", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-run-acc-tests-for-path.yml", "*", "inputs.name", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-run-acc-tests-for-path.yml", "*", "inputs.path", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.name", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.go-arch", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.binary-tests", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.total-runners", "code-injection", "generated"] + - ["hashicorp/vault/.github/workflows/test-enos-scenario-ui.yml", "*", "inputs.storage_backend", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml new file mode 100644 index 00000000000..ad0943c3040 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["heroku/cli/.github/workflows/publish-npm.yml", "*", "inputs.isStableRelease", "code-injection", "generated"] + - ["heroku/cli/.github/workflows/promote.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml b/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml new file mode 100644 index 00000000000..e263590260f --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "inputs.project_name", "code-injection", "generated"] + - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "inputs.dependency_track_url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml b/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml new file mode 100644 index 00000000000..00b45b50f88 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["home-assistant/operating-system/.github/workflows/test.yaml", "*", "inputs.version", "code-injection", "generated"] + - ["home-assistant/operating-system/.github/workflows/artifacts-index.yaml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml b/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml new file mode 100644 index 00000000000..a5f35f3b737 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.windowsBuildArgs", "code-injection", "generated"] + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.bazelBuildArgs", "code-injection", "generated"] + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.iosBuildArgs", "code-injection", "generated"] + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.macosBuildArgs", "code-injection", "generated"] + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.androidBuildArgs", "code-injection", "generated"] + - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "inputs.linuxBuildArgs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml b/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml new file mode 100644 index 00000000000..d0559519627 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml", "*", "inputs.package_name", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml", "*", "inputs.repo_owner", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml", "*", "inputs.hub_base_path", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.pr_number", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.commit_sha", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.languages", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.version_tag_suffix", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.additional_args", "code-injection", "generated"] + - ["huggingface/doc-builder/.github/workflows/build_pr_documentation.yml", "*", "inputs.repo_owner", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml b/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml new file mode 100644 index 00000000000..ec7b51abd8e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["huggingface/transformers/.github/workflows/slack-report.yml", "*", "inputs.folder_slices", "code-injection", "generated"] + - ["huggingface/transformers/.github/workflows/slack-report.yml", "*", "inputs.setup_status", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml b/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml new file mode 100644 index 00000000000..92fd43bda75 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["hyperion-project/hyperion.ng/.github/workflows/qt5_6.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] + - ["hyperion-project/hyperion.ng/.github/workflows/qt5_6.yml", "*", "inputs.qt_version", "code-injection", "generated"] + - ["hyperion-project/hyperion.ng/.github/workflows/qt5_6.yml", "*", "inputs.event_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml b/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml new file mode 100644 index 00000000000..ca550e4ddd7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["ibm/sarama/.github/workflows/fvt.yml", "*", "inputs.kafka-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml b/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml new file mode 100644 index 00000000000..580ac8bef0b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["icloud-photos-downloader/icloud_photos_downloader/.github/workflows/build-package.yml", "*", "inputs.icloudpd_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml b/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml new file mode 100644 index 00000000000..463536e9693 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["immich-app/immich/.github/workflows/build-mobile.yml", "*", "inputs.ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml b/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml new file mode 100644 index 00000000000..57bf30dc0cc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["inria/spoon/.github/workflows/jreleaser.yml", "*", "inputs.release-script-to-run", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml b/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml new file mode 100644 index 00000000000..b7e49d46e1c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["intel/intel-device-plugins-for-kubernetes/.github/workflows/lib-publish.yaml", "*", "inputs.image_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml b/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml new file mode 100644 index 00000000000..89257a02fcd --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["inverse-inc/packetfence/.github/workflows/reusable_upload_packages.yml", "*", "inputs._PACKAGE_NAME", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml b/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml new file mode 100644 index 00000000000..a645511766b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["ispc/ispc/.github/workflows/reusable.rebuild.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml b/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml new file mode 100644 index 00000000000..1a7784c9f01 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["jetbrains/intellij-platform-gradle-plugin/.github/workflows/reusable-single-unitTest.yml", "*", "inputs.gradleVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml b/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml new file mode 100644 index 00000000000..ffb7a7d7d10 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["jupyter/docker-stacks/.github/workflows/docker-tag-push.yml", "*", "inputs.image", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-tag-push.yml", "*", "inputs.variant", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-tag-push.yml", "*", "inputs.platform", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-merge-tags.yml", "*", "inputs.variant", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-merge-tags.yml", "*", "inputs.image", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-build-test-upload.yml", "*", "inputs.variant", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-build-test-upload.yml", "*", "inputs.image", "code-injection", "generated"] + - ["jupyter/docker-stacks/.github/workflows/docker-build-test-upload.yml", "*", "inputs.platform", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml b/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml new file mode 100644 index 00000000000..4ae93a83cd8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml @@ -0,0 +1,23 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kairos-io/kairos/.github/workflows/reusable-zfs-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-upgrade-with-cli-test.yaml", "*", "inputs.flavor_release", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-upgrade-with-cli-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-upgrade-latest-test.yaml", "*", "inputs.family", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-upgrade-latest-test.yaml", "*", "inputs.flavor_release", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-upgrade-latest-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-reset-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.base_image", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.family", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.model", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.flavor_release", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.variant", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-netboot-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-bundles-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-acceptance-test.yaml", "*", "inputs.port", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-qemu-acceptance-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-provider-upgrade-latest-test.yaml", "*", "inputs.flavor_release", "code-injection", "generated"] + - ["kairos-io/kairos/.github/workflows/reusable-provider-upgrade-latest-test.yaml", "*", "inputs.flavor", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml b/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml new file mode 100644 index 00000000000..a63ddd5da67 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kanidm/kanidm/.github/workflows/kanidm_individual_book.yml", "*", "inputs.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml b/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml new file mode 100644 index 00000000000..e73d0d81875 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml @@ -0,0 +1,20 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kata-containers/kata-containers/.github/workflows/release-s390x.yaml", "*", "inputs.target-arch", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/release-ppc64le.yaml", "*", "inputs.target-arch", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/release-arm64.yaml", "*", "inputs.target-arch", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/release-amd64.yaml", "*", "inputs.target-arch", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-s390x.yaml", "*", "inputs.tag", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-s390x.yaml", "*", "inputs.repo", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-s390x.yaml", "*", "inputs.registry", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-ppc64le.yaml", "*", "inputs.tag", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-ppc64le.yaml", "*", "inputs.repo", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-ppc64le.yaml", "*", "inputs.registry", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-arm64.yaml", "*", "inputs.tag", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-arm64.yaml", "*", "inputs.repo", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-arm64.yaml", "*", "inputs.registry", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-amd64.yaml", "*", "inputs.tag", "code-injection", "generated"] + - ["kata-containers/kata-containers/.github/workflows/publish-kata-deploy-payload-amd64.yaml", "*", "inputs.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml b/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml new file mode 100644 index 00000000000..3a911989874 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml @@ -0,0 +1,16 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "inputs.build_mode", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "inputs.release_branch", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "inputs.images_tag", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "inputs.quay_org", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-frontend.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-frontend-tempo.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-frontend-multicluster-primary-remote.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-frontend-multicluster-multi-primary.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-backend.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/integration-tests-backend-multicluster-external-controlplane.yml", "*", "inputs.istio_version", "code-injection", "generated"] + - ["kiali/kiali/.github/workflows/build-frontend.yml", "*", "inputs.target_branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml b/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml new file mode 100644 index 00000000000..3c525970ecc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kotest/kotest/.github/workflows/run-gradle.yml", "*", "inputs.task", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml b/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml new file mode 100644 index 00000000000..187b3d2fd0a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kubernetes/ingress-nginx/.github/workflows/zz-tmpl-k8s-e2e.yaml", "*", "inputs.k8s-version", "code-injection", "generated"] + - ["kubernetes/ingress-nginx/.github/workflows/zz-tmpl-images.yaml", "*", "inputs.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml b/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml new file mode 100644 index 00000000000..3e11359c6b3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kubescape/kubescape/.github/workflows/d-publish-image.yaml", "*", "inputs.image_tag", "code-injection", "generated"] + - ["kubescape/kubescape/.github/workflows/d-publish-image.yaml", "*", "inputs.image_name", "code-injection", "generated"] + - ["kubescape/kubescape/.github/workflows/d-publish-image.yaml", "*", "inputs.client", "code-injection", "generated"] + - ["kubescape/kubescape/.github/workflows/a-pr-scanner.yaml", "*", "inputs.UNIT_TESTS_PATH", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml b/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml new file mode 100644 index 00000000000..50bbdaf8153 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "inputs.next-version", "code-injection", "generated"] + - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "inputs.release-branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml b/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml new file mode 100644 index 00000000000..9f30976bbad --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["kumahq/kuma/.github/workflows/_build_publish.yaml", "*", "inputs.VERSION_NAME", "code-injection", "generated"] + - ["kumahq/kuma/.github/workflows/_build_publish.yaml", "*", "inputs.REGISTRY", "code-injection", "generated"] + - ["kumahq/kuma/.github/workflows/_test.yaml", "*", "inputs.FULL_MATRIX", "code-injection", "generated"] + - ["kumahq/kuma/.github/workflows/_e2e.yaml", "*", "inputs.matrix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml b/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml new file mode 100644 index 00000000000..81a419fec0d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["labring/sealos/.github/workflows/services.yml", "*", "inputs.push_image_tag", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/services.yml", "*", "inputs.push_image", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/objectstorage.yaml", "*", "inputs.build_from", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/objectstorage.yaml", "*", "inputs.push_image_tag", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/objectstorage.yaml", "*", "inputs.push_image", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/import-patch-image.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/frontend.yml", "*", "inputs.push_image_tag", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/frontend.yml", "*", "inputs.push_image", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/controllers.yml", "*", "inputs.push_image_tag", "code-injection", "generated"] + - ["labring/sealos/.github/workflows/controllers.yml", "*", "inputs.push_image", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml b/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml new file mode 100644 index 00000000000..35fd748afbe --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["laion-ai/open-assistant/.github/workflows/docker-build.yaml", "*", "inputs.context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml b/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml new file mode 100644 index 00000000000..192b1b60843 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["learningequality/kolibri/.github/workflows/upload_github_release_asset.yml", "*", "inputs.release_id", "code-injection", "generated"] + - ["learningequality/kolibri/.github/workflows/upload_github_release_asset.yml", "*", "inputs.filename", "code-injection", "generated"] + - ["learningequality/kolibri/.github/workflows/pypi_upload.yml", "*", "inputs.tar-file-name", "code-injection", "generated"] + - ["learningequality/kolibri/.github/workflows/pypi_upload.yml", "*", "inputs.whl-file-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml b/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml new file mode 100644 index 00000000000..5a397f743a3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["lensesio/stream-reactor/.github/workflows/build.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml b/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml new file mode 100644 index 00000000000..97f40ee7c07 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["leptos-rs/leptos/.github/workflows/run-cargo-make-task.yml", "*", "inputs.directory", "code-injection", "generated"] + - ["leptos-rs/leptos/.github/workflows/run-cargo-make-task.yml", "*", "inputs.cargo_make_task", "code-injection", "generated"] + - ["leptos-rs/leptos/.github/workflows/get-changed-examples-matrix.yml", "*", "inputs.example_changed", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml b/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml new file mode 100644 index 00000000000..293939322e2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["lightning-ai/pytorch-lightning/.github/workflows/_legacy-checkpoints.yml", "*", "inputs.push_to_s3", "code-injection", "generated"] + - ["lightning-ai/pytorch-lightning/.github/workflows/_legacy-checkpoints.yml", "*", "inputs.pl_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml b/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml new file mode 100644 index 00000000000..c3aa198743d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["liquibase/liquibase/.github/workflows/build-azure-uber-jar.yml", "*", "inputs.liquibase-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml b/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml new file mode 100644 index 00000000000..1ea78b01cd6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["litestar-org/litestar/.github/workflows/test.yml", "*", "inputs.python-version", "code-injection", "generated"] + - ["litestar-org/litestar/.github/workflows/notify-released-issues.yml", "*", "inputs.release_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml b/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml new file mode 100644 index 00000000000..23bd3adc5a4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.package_name_prefix", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.install", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.llvm_force_enable_stats", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.llvm_enable_assertions", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.build_shared_libs", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.cmake_build_type", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.cmake_cxx_compiler", "code-injection", "generated"] + - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "inputs.cmake_c_compiler", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml b/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml new file mode 100644 index 00000000000..77c7570ec0e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["lnbits/lnbits/.github/workflows/make.yml", "*", "inputs.make", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml b/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml new file mode 100644 index 00000000000..46cc5092355 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["lutris/lutris/.github/workflows/publish-ppa.yml", "*", "inputs.PPA_URI", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml b/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml new file mode 100644 index 00000000000..78a5584d04b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mailu/mailu/.github/workflows/build_test_deploy.yml", "*", "inputs.pinned_mailu_version", "code-injection", "generated"] + - ["mailu/mailu/.github/workflows/build_test_deploy.yml", "*", "inputs.mailu_version", "code-injection", "generated"] + - ["mailu/mailu/.github/workflows/build_test_deploy.yml", "*", "inputs.docker_org", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml b/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml new file mode 100644 index 00000000000..1c3e5b565be --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mamba-org/mamba/.github/workflows/windows_impl.yml", "*", "inputs.build_type", "code-injection", "generated"] + - ["mamba-org/mamba/.github/workflows/unix_impl.yml", "*", "inputs.build_type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml b/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml new file mode 100644 index 00000000000..7e8d8061fc5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml @@ -0,0 +1,14 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["manticoresoftware/manticoresearch/.github/workflows/win_test_template.yml", "*", "inputs.CTEST_END", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/win_test_template.yml", "*", "inputs.CTEST_START", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/test_template.yml", "*", "inputs.xml_command", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/test_template.yml", "*", "inputs.artifact_name", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/build_template.yml", "*", "inputs.cmake_command", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/build_template.yml", "*", "inputs.artifact_name", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/build_template.yml", "*", "inputs.CTEST_CONFIGURATION_TYPE", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/build_template.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["manticoresoftware/manticoresearch/.github/workflows/build_template.yml", "*", "inputs.DISTR", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml b/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml new file mode 100644 index 00000000000..21e3fdb8874 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["marcelotduarte/cx_freeze/.github/workflows/build-wheel.yml", "*", "inputs.branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml b/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml new file mode 100644 index 00000000000..67e49a5716c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "inputs.mdix-mahapps-version", "code-injection", "generated"] + - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "inputs.mdix-colors-version", "code-injection", "generated"] + - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "inputs.mdix-version", "code-injection", "generated"] + - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "inputs.build-configuration", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml b/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml new file mode 100644 index 00000000000..2f30003359c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["matter-labs/zksync-era/.github/workflows/ci-core-reusable.yml", "*", "inputs.compilers", "code-injection", "generated"] + - ["matter-labs/zksync-era/.github/workflows/build-prover-template.yml", "*", "inputs.image_tag_suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml b/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml new file mode 100644 index 00000000000..ed9091f37ae --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mattermost/desktop/.github/workflows/e2e-functional-template.yml", "*", "inputs.nightly", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml b/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml new file mode 100644 index 00000000000..d940c6a98b0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mattermost/mattermost/.github/workflows/server-test-template.yml", "*", "inputs.name", "code-injection", "generated"] + - ["mattermost/mattermost/.github/workflows/server-test-template.yml", "*", "inputs.drivername", "code-injection", "generated"] + - ["mattermost/mattermost/.github/workflows/server-test-template.yml", "*", "inputs.datasource", "code-injection", "generated"] + - ["mattermost/mattermost/.github/workflows/mmctl-test-template.yml", "*", "inputs.datasource", "code-injection", "generated"] + - ["mattermost/mattermost/.github/workflows/esrupgrade-common.yml", "*", "inputs.db-dump-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml b/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml new file mode 100644 index 00000000000..57b56667fbe --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mealie-recipes/mealie/.github/workflows/partial-builder.yml", "*", "inputs.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml b/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml new file mode 100644 index 00000000000..4ffee539cd4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml @@ -0,0 +1,16 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.adapter_version", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.sm_version", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.expected_resources_namespaces", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.expected_resources_types", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.expected_resources", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.adapter_name", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.patternfile_name", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.service_url", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.deployment_url", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "inputs.provider", "code-injection", "generated"] + - ["meshery/meshery/.github/workflows/test_adapters.yaml", "*", "inputs.adapter_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml b/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml new file mode 100644 index 00000000000..bfe525b2c0e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["meshtastic/firmware/.github/workflows/build_rpi2040.yml", "*", "inputs.board", "code-injection", "generated"] + - ["meshtastic/firmware/.github/workflows/build_nrf52.yml", "*", "inputs.board", "code-injection", "generated"] + - ["meshtastic/firmware/.github/workflows/build_esp32_s3.yml", "*", "inputs.board", "code-injection", "generated"] + - ["meshtastic/firmware/.github/workflows/build_esp32_c3.yml", "*", "inputs.board", "code-injection", "generated"] + - ["meshtastic/firmware/.github/workflows/build_esp32.yml", "*", "inputs.board", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml b/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml new file mode 100644 index 00000000000..647bd0ae193 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microcks/microcks/.github/workflows/package-native.yml", "*", "inputs.image-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml new file mode 100644 index 00000000000..b09fcb7f102 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/applicationinsights-java/.github/workflows/reusable-scheduled-job-notification.yml", "*", "inputs.success", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml new file mode 100644 index 00000000000..f83101f511c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/chat-copilot/.github/workflows/copilot-run-integration-tests.yml", "*", "inputs.BACKEND_HOST", "code-injection", "generated"] + - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-plugins.yml", "*", "inputs.DEPLOYMENT_NAME", "code-injection", "generated"] + - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-plugins.yml", "*", "inputs.ARTIFACT_NAME", "code-injection", "generated"] + - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-memorypipeline.yml", "*", "inputs.DEPLOYMENT_NAME", "code-injection", "generated"] + - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-backend.yml", "*", "inputs.DEPLOYMENT_NAME", "code-injection", "generated"] + - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-backend.yml", "*", "inputs.ARTIFACT_NAME", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml new file mode 100644 index 00000000000..7a60c93516d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml @@ -0,0 +1,18 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/msquic/.github/workflows/build-reuse-winkernel.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-winkernel.yml", "*", "inputs.tls", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-winkernel.yml", "*", "inputs.config", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.sanitize", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.plat", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.static", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.tls", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-win.yml", "*", "inputs.config", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-unix.yml", "*", "inputs.sanitize", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-unix.yml", "*", "inputs.codecheck", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-unix.yml", "*", "inputs.systemcrypto", "code-injection", "generated"] + - ["microsoft/msquic/.github/workflows/build-reuse-unix.yml", "*", "inputs.plat", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml new file mode 100644 index 00000000000..14d7e741dac --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/oryx/.github/workflows/automationTemplate.yaml", "*", "inputs.platformName", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml new file mode 100644 index 00000000000..bb0e3a6a2b6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/pr-metrics/.github/workflows/release-phase-1-internal.yml", "*", "inputs.patch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml new file mode 100644 index 00000000000..aa8f4e6b518 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "inputs.extraRunWindowsArgs", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "inputs.platform", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "inputs.extraInitWindowsArgs", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "inputs.reactNativeWindowsVersion", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "inputs.sampleName", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-buildsample.yml", "*", "inputs.extraRunWindowsArgs", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-buildsample.yml", "*", "inputs.platform", "code-injection", "generated"] + - ["microsoft/react-native-windows-samples/.github/workflows/template-buildsample.yml", "*", "inputs.sampleName", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml new file mode 100644 index 00000000000..c9af1a40ddc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["microsoft/vscode-cpptools/.github/workflows/job-compile-and-test.yml", "*", "inputs.yarn-args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml b/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml new file mode 100644 index 00000000000..863bc645d98 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["moby/buildkit/.github/workflows/.test.yml", "*", "inputs.env", "code-injection", "generated"] + - ["moby/buildkit/.github/workflows/.test.yml", "*", "inputs.includes", "code-injection", "generated"] + - ["moby/buildkit/.github/workflows/.test.yml", "*", "inputs.tags", "code-injection", "generated"] + - ["moby/buildkit/.github/workflows/.test.yml", "*", "inputs.kinds", "code-injection", "generated"] + - ["moby/buildkit/.github/workflows/.test.yml", "*", "inputs.pkgs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml b/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml new file mode 100644 index 00000000000..6e898a4e452 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["moby/moby/.github/workflows/.windows.yml", "*", "inputs.storage", "code-injection", "generated"] + - ["moby/moby/.github/workflows/.windows.yml", "*", "inputs.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml b/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml new file mode 100644 index 00000000000..a08a96a897e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.context", "code-injection", "generated"] + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.tags", "code-injection", "generated"] + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.image-name", "code-injection", "generated"] + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.image-uuid", "code-injection", "generated"] + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.staging-repo", "code-injection", "generated"] + - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "inputs.staging", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml b/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml new file mode 100644 index 00000000000..f7aafb13455 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["msys2/setup-msys2/.github/workflows/PKGBUILD.yml", "*", "inputs.test", "code-injection", "generated"] + - ["msys2/setup-msys2/.github/workflows/PKGBUILD.yml", "*", "inputs.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml b/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml new file mode 100644 index 00000000000..6107ae0e57c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mudler/localai/.github/workflows/image_build.yml", "*", "inputs.latest-image-aio", "code-injection", "generated"] + - ["mudler/localai/.github/workflows/image_build.yml", "*", "inputs.latest-image", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml b/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml new file mode 100644 index 00000000000..74e0182cc4f --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml @@ -0,0 +1,15 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "inputs.amazonflag", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "inputs.magiskver", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "inputs.root", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "inputs.gapps", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/build.yml", "*", "inputs.amazonflag", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/build.yml", "*", "inputs.magiskver", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/build.yml", "*", "inputs.root", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/build.yml", "*", "inputs.gapps", "code-injection", "generated"] + - ["mustardchef/wsabuilds/.github/workflows/build.yml", "*", "inputs.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml b/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml new file mode 100644 index 00000000000..4bbd06a86f5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["n8n-io/n8n/.github/workflows/e2e-reusable.yml", "*", "inputs.pr_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml b/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml new file mode 100644 index 00000000000..59bdab8f39b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["napari/napari/.github/workflows/reusable_run_tox_test.yml", "*", "inputs.qt_backend", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml b/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml new file mode 100644 index 00000000000..6988e25d41c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nasa/fprime/.github/workflows/reusable-project-builder.yml", "*", "inputs.target_platform", "code-injection", "generated"] + - ["nasa/fprime/.github/workflows/reusable-project-builder.yml", "*", "inputs.fprime_location", "code-injection", "generated"] + - ["nasa/fprime/.github/workflows/reusable-get-pr-branch.yml", "*", "inputs.default_target_ref", "code-injection", "generated"] + - ["nasa/fprime/.github/workflows/reusable-get-pr-branch.yml", "*", "inputs.target_repository", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml b/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml new file mode 100644 index 00000000000..3c025f59b78 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nautobot/nautobot/.github/workflows/plugin_upstream_testing_base.yml", "*", "inputs.invoke_context_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml b/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml new file mode 100644 index 00000000000..5de0d170d40 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml @@ -0,0 +1,13 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nektos/act/pkg/runner/testdata/workflow_call_inputs/workflow_call_inputs.yml", "*", "inputs.with_default", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/workflow_call_inputs/workflow_call_inputs.yml", "*", "inputs.required", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.string_required", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.number_optional", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.number_required", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.bool_optional", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.bool_required", "code-injection", "generated"] + - ["nektos/act/pkg/runner/testdata/.github/workflows/local-reusable-workflow.yml", "*", "inputs.string_optional", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml b/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml new file mode 100644 index 00000000000..19d38d1241d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["neovim/neovim/.github/workflows/test_windows.yml", "*", "inputs.build_flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml b/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml new file mode 100644 index 00000000000..b1c787677a6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.custom_run_id", "code-injection", "generated"] + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.non_validator_mode", "code-injection", "generated"] + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.additional_optimism_options", "code-injection", "generated"] + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.network", "code-injection", "generated"] + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.additional_options", "code-injection", "generated"] + - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "inputs.cl_client", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml new file mode 100644 index 00000000000..249c734f55b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["newrelic/newrelic-dotnet-agent/.github/workflows/publish_release_notes.yml", "*", "inputs.agent_version", "code-injection", "generated"] + - ["newrelic/newrelic-dotnet-agent/.github/workflows/post_deploy_agent.yml", "*", "inputs.test_mode", "code-injection", "generated"] + - ["newrelic/newrelic-dotnet-agent/.github/workflows/multiverse_run.yml", "*", "inputs.agentVersion", "code-injection", "generated"] + - ["newrelic/newrelic-dotnet-agent/.github/workflows/build_download_site_index_files.yml", "*", "inputs.dry-run", "code-injection", "generated"] + - ["newrelic/newrelic-dotnet-agent/.github/workflows/build_download_site_index_files.yml", "*", "inputs.prefix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml new file mode 100644 index 00000000000..46951b5436d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["newrelic/newrelic-java-agent/.github/workflows/X-Reusable-VerifyInstrumentation.yml", "*", "inputs.page", "code-injection", "generated"] + - ["newrelic/newrelic-java-agent/.github/workflows/GHA-Unit-Tests.yaml", "*", "inputs.agent-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml new file mode 100644 index 00000000000..cd1d0f318ef --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["newrelic/node-newrelic/.github/workflows/release-creation.yml", "*", "inputs.changelog_file", "code-injection", "generated"] + - ["newrelic/node-newrelic/.github/workflows/release-creation.yml", "*", "inputs.workflows", "code-injection", "generated"] + - ["newrelic/node-newrelic/.github/workflows/prep-release.yml", "*", "inputs.changelog_file", "code-injection", "generated"] + - ["newrelic/node-newrelic/.github/workflows/prep-release.yml", "*", "inputs.release_type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml b/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml new file mode 100644 index 00000000000..4055874a790 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nexus-mods/nexusmods.app/.github/workflows/build-windows-pupnet.yaml", "*", "inputs.AppVersion", "code-injection", "generated"] + - ["nexus-mods/nexusmods.app/.github/workflows/build-windows-pupnet.yaml", "*", "inputs.PupNetVersion", "code-injection", "generated"] + - ["nexus-mods/nexusmods.app/.github/workflows/build-linux-pupnet.yaml", "*", "inputs.AppVersion", "code-injection", "generated"] + - ["nexus-mods/nexusmods.app/.github/workflows/build-linux-pupnet.yaml", "*", "inputs.PupNetVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml b/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml new file mode 100644 index 00000000000..bccd7271b08 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml @@ -0,0 +1,16 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nginxinc/kubernetes-ingress/.github/workflows/retag-images.yml", "*", "inputs.target_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/retag-images.yml", "*", "inputs.source_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/retag-images.yml", "*", "inputs.dry_run", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/plus-release.yml", "*", "inputs.target_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/plus-release.yml", "*", "inputs.source_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/plus-release.yml", "*", "inputs.dry_run", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/plus-release.yml", "*", "inputs.short_target_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/oss-release.yml", "*", "inputs.short_target_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/oss-release.yml", "*", "inputs.target_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/oss-release.yml", "*", "inputs.source_tag", "code-injection", "generated"] + - ["nginxinc/kubernetes-ingress/.github/workflows/oss-release.yml", "*", "inputs.dry_run", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml b/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml new file mode 100644 index 00000000000..56528159143 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["nocodb/nocodb/.github/workflows/playwright-test-workflow.yml", "*", "inputs.shard", "code-injection", "generated"] + - ["nocodb/nocodb/.github/workflows/playwright-test-workflow.yml", "*", "inputs.db", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml b/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml new file mode 100644 index 00000000000..c4a9b07ed99 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml @@ -0,0 +1,20 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["novuhq/novu/.github/workflows/reusable-workers-service-deploy.yml", "*", "inputs.docker_image", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-workers-service-deploy.yml", "*", "inputs.terraform_workspace", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-widget-deploy.yml", "*", "inputs.react_app_environment", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-widget-deploy.yml", "*", "inputs.react_app_sentry_dsn", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-widget-deploy.yml", "*", "inputs.react_app_webhook_url", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-widget-deploy.yml", "*", "inputs.react_app_ws_url", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-widget-deploy.yml", "*", "inputs.react_app_api_url", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_hubspot_embed", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_mail_server_domain", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_environment", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_sentry_dsn", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_widget_embed_path", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_webhook_url", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_ws_url", "code-injection", "generated"] + - ["novuhq/novu/.github/workflows/reusable-web-deploy.yml", "*", "inputs.react_app_api_url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml new file mode 100644 index 00000000000..db4f26083a0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/abbrev-js/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml new file mode 100644 index 00000000000..c12a079e2e2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/cli/.github/workflows/node-integration.yml", "*", "inputs.npmVersion", "code-injection", "generated"] + - ["npm/cli/.github/workflows/node-integration.yml", "*", "inputs.nodeVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml new file mode 100644 index 00000000000..3b7122a7a13 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/fs-minipass/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml new file mode 100644 index 00000000000..3e80edaaaff --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/hosted-git-info/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml new file mode 100644 index 00000000000..99717acf024 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/ini/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml new file mode 100644 index 00000000000..d9a066c2b22 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/json-parse-even-better-errors/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml new file mode 100644 index 00000000000..83e68740ac0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/minify-registry-metadata/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml new file mode 100644 index 00000000000..45f05ea8826 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/mute-stream/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml new file mode 100644 index 00000000000..1cd25da918f --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/node-semver/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml new file mode 100644 index 00000000000..2d5a077f1f4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/node-which/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml new file mode 100644 index 00000000000..98571dfc5d9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/nopt/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml new file mode 100644 index 00000000000..8cbd1927fe0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/normalize-package-data/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml new file mode 100644 index 00000000000..6d3466f0927 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["npm/write-file-atomic/.github/workflows/release-integration.yml", "*", "inputs.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml b/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml new file mode 100644 index 00000000000..c7178a298ef --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "inputs.base-branch", "code-injection", "generated"] + - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "inputs.repo", "code-injection", "generated"] + - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "inputs.current-branch", "code-injection", "generated"] + - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "inputs.chain", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml b/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml new file mode 100644 index 00000000000..08feb2033ff --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-goal/jak-project/.github/workflows/windows-build-msvc.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] + - ["open-goal/jak-project/.github/workflows/windows-build-clang.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] + - ["open-goal/jak-project/.github/workflows/macos-build.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] + - ["open-goal/jak-project/.github/workflows/macos-build-arm.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] + - ["open-goal/jak-project/.github/workflows/linux-build-gcc.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] + - ["open-goal/jak-project/.github/workflows/linux-build-clang.yaml", "*", "inputs.cmakePreset", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml new file mode 100644 index 00000000000..3483cc13b9e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-demo/.github/workflows/build-images.yml", "*", "inputs.push", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml new file mode 100644 index 00000000000..45350e121a0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-dotnet-contrib/.github/workflows/Component.Package.yml", "*", "inputs.project-name", "code-injection", "generated"] + - ["open-telemetry/opentelemetry-dotnet-contrib/.github/workflows/Component.BuildTest.yml", "*", "inputs.project-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml new file mode 100644 index 00000000000..9665157b3ad --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-dotnet/.github/workflows/Component.BuildTest.yml", "*", "inputs.project-name", "code-injection", "generated"] + - ["open-telemetry/opentelemetry-dotnet/.github/workflows/Component.BuildTest.yml", "*", "inputs.project-build-commands", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml new file mode 100644 index 00000000000..9ef65a67c03 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-java-instrumentation/.github/workflows/reusable-workflow-notification.yml", "*", "inputs.success", "code-injection", "generated"] + - ["open-telemetry/opentelemetry-java-instrumentation/.github/workflows/reusable-smoke-test-images.yml", "*", "inputs.project", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml new file mode 100644 index 00000000000..eade5ecdae1 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-js-contrib/.github/workflows/test-all-versions.yml", "*", "inputs.npm-workspace-args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml new file mode 100644 index 00000000000..1478244cc9c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["open-telemetry/opentelemetry-operator/.github/workflows/reusable-publish-autoinstrumentation-e2e-images.yaml", "*", "inputs.language", "code-injection", "generated"] + - ["open-telemetry/opentelemetry-operator/.github/workflows/reusable-operator-hub-release.yaml", "*", "inputs.org", "code-injection", "generated"] + - ["open-telemetry/opentelemetry-operator/.github/workflows/reusable-operator-hub-release.yaml", "*", "inputs.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml b/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml new file mode 100644 index 00000000000..8bb0915294c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openbao/openbao/.github/workflows/test-run-acc-tests-for-path.yml", "*", "inputs.path", "code-injection", "generated"] + - ["openbao/openbao/.github/workflows/test-run-acc-tests-for-path.yml", "*", "inputs.name", "code-injection", "generated"] + - ["openbao/openbao/.github/workflows/test-go.yml", "*", "inputs.name", "code-injection", "generated"] + - ["openbao/openbao/.github/workflows/test-go.yml", "*", "inputs.go-arch", "code-injection", "generated"] + - ["openbao/openbao/.github/workflows/test-go.yml", "*", "inputs.binary-tests", "code-injection", "generated"] + - ["openbao/openbao/.github/workflows/test-go.yml", "*", "inputs.total-runners", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml b/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml new file mode 100644 index 00000000000..cba6c4fbe5a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "inputs.doc_base_name", "code-injection", "generated"] + - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "inputs.base_file", "code-injection", "generated"] + - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "inputs.doc_base_file", "code-injection", "generated"] + - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "inputs.base_folder", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml b/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml new file mode 100644 index 00000000000..448d48f661d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openmined/pysyft/.github/workflows/cd-post-release-tests.yml", "*", "inputs.release_platform", "code-injection", "generated"] + - ["openmined/pysyft/.github/workflows/cd-post-release-tests.yml", "*", "inputs.syft_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml b/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml new file mode 100644 index 00000000000..50eb3b1af36 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "inputs.package-name", "code-injection", "generated"] + - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "inputs.product-version", "code-injection", "generated"] + - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "inputs.goarch", "code-injection", "generated"] + - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "inputs.goos", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml b/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml new file mode 100644 index 00000000000..780fa92d20c --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml @@ -0,0 +1,17 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openttd/openttd/.github/workflows/release-windows.yml", "*", "inputs.survey_key", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/upload-steam.yml", "*", "inputs.trigger_type", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/upload-cdn.yml", "*", "inputs.version", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/release-macos.yml", "*", "inputs.survey_key", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/release-linux.yml", "*", "inputs.survey_key", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/release-docs.yml", "*", "inputs.version", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-windows.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-macos.yml", "*", "inputs.full_arch", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-macos.yml", "*", "inputs.extra-cmake-parameters", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-macos.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-linux.yml", "*", "inputs.extra-cmake-parameters", "code-injection", "generated"] + - ["openttd/openttd/.github/workflows/ci-linux.yml", "*", "inputs.libraries", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml b/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml new file mode 100644 index 00000000000..275d46772a2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openvinotoolkit/openvino/.github/workflows/job_tensorflow_models_tests.yml", "*", "inputs.model_scope", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml b/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml new file mode 100644 index 00000000000..271c80c575e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml @@ -0,0 +1,12 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openxla/iree/.github/workflows/pkgci_regression_test_nvidiagpu_vulkan.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_regression_test_nvidiagpu_cuda.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_test_tensorflow_cpu.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_regression_test_cpu.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_regression_test_amdgpu_vulkan.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_regression_test_amdgpu_rocm.yml", "*", "inputs.artifact_run_id", "code-injection", "generated"] + - ["openxla/iree/.github/workflows/pkgci_build_packages.yml", "*", "inputs.package_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml b/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml new file mode 100644 index 00000000000..0f4ad0a7ca7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["openzfs/zfs/.github/workflows/zfs-linux-tests.yml", "*", "inputs.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml b/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml new file mode 100644 index 00000000000..c38ae925860 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["operator-framework/java-operator-sdk/.github/workflows/integration-tests.yml", "*", "inputs.http-client", "code-injection", "generated"] + - ["operator-framework/java-operator-sdk/.github/workflows/integration-tests.yml", "*", "inputs.kube-version", "code-injection", "generated"] + - ["operator-framework/java-operator-sdk/.github/workflows/integration-tests.yml", "*", "inputs.java-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml b/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml new file mode 100644 index 00000000000..fd4697ac1c4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["orange-opensource/hurl/.github/workflows/update-branch-version.yml", "*", "inputs.new_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml b/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml new file mode 100644 index 00000000000..90c4c20b585 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["paolosalvatori/servicebusexplorer/.github/workflows/publish.yml", "*", "inputs.release-version", "code-injection", "generated"] + - ["paolosalvatori/servicebusexplorer/.github/workflows/build-test.yml", "*", "inputs.release-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml b/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml new file mode 100644 index 00000000000..51d99171a54 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["parcel-bundler/parcel/.github/workflows/release.yml", "*", "inputs.release-command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml b/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml new file mode 100644 index 00000000000..8e74c9b811d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pardeike/harmony/.github/workflows/test-build.yml", "*", "inputs.build_configuration", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml b/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml new file mode 100644 index 00000000000..cd7de6d5786 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml @@ -0,0 +1,12 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "inputs.configuration", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "inputs.platform", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "inputs.cmakeFlags", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "inputs.patchesUrl", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/macos_build.yml", "*", "inputs.patchesUrl", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/linux_build_qt.yml", "*", "inputs.patchesUrl", "code-injection", "generated"] + - ["pcsx2/pcsx2/.github/workflows/linux_build_flatpak.yml", "*", "inputs.patchesUrl", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml b/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml new file mode 100644 index 00000000000..ecea4012c75 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pennylaneai/pennylane/.github/workflows/unit-test.yml", "*", "inputs.pytest_test_directory", "code-injection", "generated"] + - ["pennylaneai/pennylane/.github/workflows/unit-test.yml", "*", "inputs.job_name", "code-injection", "generated"] + - ["pennylaneai/pennylane/.github/workflows/interface-unit-tests.yml", "*", "inputs.run_lightened_ci", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml b/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml new file mode 100644 index 00000000000..f8ee5402a92 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pinecone-io/pinecone-python-client/.github/workflows/publish-to-pypi.yaml", "*", "inputs.prereleaseSuffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml b/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml new file mode 100644 index 00000000000..aa76014db32 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pixie-io/pixie/.github/workflows/perf_common.yaml", "*", "inputs.tags", "code-injection", "generated"] + - ["pixie-io/pixie/.github/workflows/perf_common.yaml", "*", "inputs.suites", "code-injection", "generated"] + - ["pixie-io/pixie/.github/workflows/get_image.yaml", "*", "inputs.image-base-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml b/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml new file mode 100644 index 00000000000..e52ce3c8318 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["plantuml/plantuml/.github/workflows/native-image.yml", "*", "inputs.release-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml b/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml new file mode 100644 index 00000000000..31f24a27268 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["powerdns/pdns/.github/workflows/build-packages.yml", "*", "inputs.os", "code-injection", "generated"] + - ["powerdns/pdns/.github/workflows/build-packages.yml", "*", "inputs.product", "code-injection", "generated"] + - ["powerdns/pdns/.github/workflows/build-packages.yml", "*", "inputs.is_release", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml b/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml new file mode 100644 index 00000000000..4ace66c79c3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["preactjs/preact/.github/workflows/run-bench.yml", "*", "inputs.benchmark", "code-injection", "generated"] + - ["preactjs/preact/.github/workflows/run-bench.yml", "*", "inputs.trace", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml b/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml new file mode 100644 index 00000000000..44518d6a348 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["prismlauncher/prismlauncher/.github/workflows/build.yml", "*", "inputs.build_type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml b/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml new file mode 100644 index 00000000000..c0edbfae484 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["product-os/flowzone/.github/workflows/flowzone.yml", "*", "inputs.ok_to_test_label", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml b/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml new file mode 100644 index 00000000000..a28ffce30f7 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["project-oak/oak/.github/workflows/reusable_provenance.yaml", "*", "inputs.ent-public-key", "code-injection", "generated"] + - ["project-oak/oak/.github/workflows/reusable_provenance.yaml", "*", "inputs.build-config-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml b/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml new file mode 100644 index 00000000000..afe2daa172e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["prql/prql/.github/workflows/test-rust.yaml", "*", "inputs.target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml b/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml new file mode 100644 index 00000000000..a07044c0ccc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pulumi/pulumi/.github/workflows/ci-run-test.yml", "*", "inputs.test-command", "code-injection", "generated"] + - ["pulumi/pulumi/.github/workflows/ci-run-test.yml", "*", "inputs.test-name", "code-injection", "generated"] + - ["pulumi/pulumi/.github/workflows/ci-dev-release.yml", "*", "inputs.version", "code-injection", "generated"] + - ["pulumi/pulumi/.github/workflows/ci-build-binaries.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["pulumi/pulumi/.github/workflows/ci-build-binaries.yml", "*", "inputs.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml b/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml new file mode 100644 index 00000000000..250307e3acd --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["puppetlabs/puppetlabs-puppetdb/.github/workflows/module_spec.yml", "*", "inputs.ignore_dependency_check", "code-injection", "generated"] + - ["puppetlabs/puppetlabs-puppetdb/.github/workflows/module_acceptance.yml", "*", "inputs.debug", "code-injection", "generated"] + - ["puppetlabs/puppetlabs-puppetdb/.github/workflows/matrix.yml", "*", "inputs.flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml b/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml new file mode 100644 index 00000000000..e968f209706 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pyo3/maturin/.github/workflows/downstream.yml", "*", "inputs.manifest-dir", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml b/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml new file mode 100644 index 00000000000..438f637a9a0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pyo3/pyo3/.github/workflows/build.yml", "*", "inputs.extra-features", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml b/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml new file mode 100644 index 00000000000..7e7b82b25f5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["python/cpython/.github/workflows/reusable-ubuntu.yml", "*", "inputs.options", "code-injection", "generated"] + - ["python/cpython/.github/workflows/reusable-tsan.yml", "*", "inputs.options", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml b/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml new file mode 100644 index 00000000000..e3c3b19e441 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pytorch/botorch/.github/workflows/reusable_website.yml", "*", "inputs.release_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml b/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml new file mode 100644 index 00000000000..704adb3f121 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["pytorch/xla/.github/workflows/_test.yml", "*", "inputs.test-script", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml b/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml new file mode 100644 index 00000000000..5300a7d145e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["quarto-dev/quarto-cli/.github/workflows/test-smokes.yml", "*", "inputs.buckets", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml b/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml new file mode 100644 index 00000000000..f82254bd22b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["rancher/dashboard/.github/workflows/build-extension-charts.yml", "*", "inputs.tagged_release", "code-injection", "generated"] + - ["rancher/dashboard/.github/workflows/build-extension-charts.yml", "*", "inputs.target_branch", "code-injection", "generated"] + - ["rancher/dashboard/.github/workflows/build-extension-catalog.yml", "*", "inputs.tagged_release", "code-injection", "generated"] + - ["rancher/dashboard/.github/workflows/build-extension-catalog.yml", "*", "inputs.registry_target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml b/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml new file mode 100644 index 00000000000..80a26a9e65f --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["rasterio/rasterio/.github/workflows/test_gdal_build.yaml", "*", "inputs.gdal_ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml b/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml new file mode 100644 index 00000000000..eb5e7835565 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["redisearch/redisearch/.github/workflows/flow-build-artifacts.yml", "*", "inputs.architecture", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml b/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml new file mode 100644 index 00000000000..cd2629f49bc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["remix-run/remix/.github/workflows/stacks.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml b/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml new file mode 100644 index 00000000000..77ad5d6a6d3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["rmcrackan/libation/.github/workflows/build-windows.yml", "*", "inputs.version_override", "code-injection", "generated"] + - ["rmcrackan/libation/.github/workflows/build-linux.yml", "*", "inputs.architecture", "code-injection", "generated"] + - ["rmcrackan/libation/.github/workflows/build-linux.yml", "*", "inputs.OS", "code-injection", "generated"] + - ["rmcrackan/libation/.github/workflows/build-linux.yml", "*", "inputs.version_override", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml b/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml new file mode 100644 index 00000000000..a881a1a5fd3 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["rocketchat/rocket.chat/.github/workflows/ci-test-e2e.yml", "*", "inputs.total-shard", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml b/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml new file mode 100644 index 00000000000..693d3abc03e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["ruby/ruby.wasm/.github/workflows/build.yml", "*", "inputs.prerel_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml b/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml new file mode 100644 index 00000000000..119cbe465e6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["rustdesk/rustdesk/.github/workflows/third-party-RustDeskTempTopMostWindow.yml", "*", "inputs.target_version", "code-injection", "generated"] + - ["rustdesk/rustdesk/.github/workflows/third-party-RustDeskTempTopMostWindow.yml", "*", "inputs.configuration", "code-injection", "generated"] + - ["rustdesk/rustdesk/.github/workflows/third-party-RustDeskTempTopMostWindow.yml", "*", "inputs.platform", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml b/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml new file mode 100644 index 00000000000..2d35b933923 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["saadeghi/daisyui/.github/workflows/write-release-notes.yml", "*", "inputs.daisyuiversion", "code-injection", "generated"] + - ["saadeghi/daisyui/.github/workflows/deploy-docs.yml", "*", "inputs.daisyuiversion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml b/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml new file mode 100644 index 00000000000..7ca34fc3e44 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml @@ -0,0 +1,12 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["sagemath/sage/.github/workflows/macos.yml", "*", "inputs.stage", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/macos.yml", "*", "inputs.targets_optional", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/macos.yml", "*", "inputs.targets", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/macos.yml", "*", "inputs.targets_pre", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/docker_hub.yml", "*", "inputs.dockerhub_repository", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/docker.yml", "*", "inputs.timeout", "code-injection", "generated"] + - ["sagemath/sage/.github/workflows/docker.yml", "*", "inputs.docker_push_repository", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml b/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml new file mode 100644 index 00000000000..d3cc8e73b70 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["schemastore/schemastore/src/test/github-workflow/reusable-workflow.yaml", "*", "inputs.constraints", "code-injection", "generated"] + - ["schemastore/schemastore/src/negative_test/github-workflow/reusable-workflow-input-must-declare-type.yaml", "*", "inputs.constraints", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml b/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml new file mode 100644 index 00000000000..a9f8401aab2 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["scikit-learn/scikit-learn/.github/workflows/update_tracking_issue.yml", "*", "inputs.job_status", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml b/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml new file mode 100644 index 00000000000..acf43426e56 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["seleniumhq/selenium/.github/workflows/bazel.yml", "*", "inputs.run", "code-injection", "generated"] + - ["seleniumhq/selenium/.github/workflows/bazel.yml", "*", "inputs.ruby-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml new file mode 100644 index 00000000000..3c9178a9125 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["shaka-project/shaka-packager/.github/workflows/publish-npm.yaml", "*", "inputs.latest", "code-injection", "generated"] + - ["shaka-project/shaka-packager/.github/workflows/publish-npm.yaml", "*", "inputs.tag", "code-injection", "generated"] + - ["shaka-project/shaka-packager/.github/workflows/build.yaml", "*", "inputs.self_hosted", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml new file mode 100644 index 00000000000..24603c25a77 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "inputs.ignore_test_status", "code-injection", "generated"] + - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "inputs.test_filter", "code-injection", "generated"] + - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "inputs.browser_filter", "code-injection", "generated"] + - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "inputs.pr", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml b/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml new file mode 100644 index 00000000000..29f01c24bed --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["shimataro/ssh-key-action/.github/workflows/reusable-verify.yml", "*", "inputs.package_installation_command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml b/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml new file mode 100644 index 00000000000..acad489dbe5 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["softfever/orcaslicer/.github/workflows/build_orca.yml", "*", "inputs.arch", "code-injection", "generated"] + - ["softfever/orcaslicer/.github/workflows/build_deps.yml", "*", "inputs.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml b/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml new file mode 100644 index 00000000000..e15b6d33042 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["software-mansion/react-native-reanimated/.github/workflows/build-npm-package-action.yml", "*", "inputs.option", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml b/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml new file mode 100644 index 00000000000..12c9f97b7a4 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["solana-labs/solana/.github/workflows/release-artifacts.yml", "*", "inputs.commit", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml b/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml new file mode 100644 index 00000000000..685944420aa --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["sonarr/sonarr/.github/workflows/deploy.yml", "*", "inputs.version", "code-injection", "generated"] + - ["sonarr/sonarr/.github/workflows/deploy.yml", "*", "inputs.branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml b/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml new file mode 100644 index 00000000000..884c3d154ad --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["speedb-io/speedb/.github/workflows/build_ubuntu_arm.yml", "*", "inputs.verSion", "code-injection", "generated"] + - ["speedb-io/speedb/.github/workflows/build_macos_ARM.yml", "*", "inputs.verSion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml b/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml new file mode 100644 index 00000000000..799958a7fee --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["spring-cloud/spring-cloud-dataflow/.github/workflows/build-images.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml b/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml new file mode 100644 index 00000000000..32d3e59e1f8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["sqlfluff/sqlfluff/.github/workflows/ci-test-python.yml", "*", "inputs.marks", "code-injection", "generated"] + - ["sqlfluff/sqlfluff/.github/workflows/ci-test-python.yml", "*", "inputs.python-version", "code-injection", "generated"] + - ["sqlfluff/sqlfluff/.github/workflows/ci-test-dbt.yml", "*", "inputs.dbt-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml b/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml new file mode 100644 index 00000000000..f2893eb2407 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["stdlib-js/stdlib/.github/workflows/update_pr_copyright_years.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] + - ["stdlib-js/stdlib/.github/workflows/lint_autofix.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] + - ["stdlib-js/stdlib/.github/workflows/check_required_files.yml", "*", "inputs.user", "code-injection", "generated"] + - ["stdlib-js/stdlib/.github/workflows/check_required_files.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml b/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml new file mode 100644 index 00000000000..ea3b2029f82 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["stereokit/stereokit/.github/workflows/build.yml", "*", "inputs.patch", "code-injection", "generated"] + - ["stereokit/stereokit/.github/workflows/build.yml", "*", "inputs.minor", "code-injection", "generated"] + - ["stereokit/stereokit/.github/workflows/build.yml", "*", "inputs.major", "code-injection", "generated"] + - ["stereokit/stereokit/.github/workflows/build.yml", "*", "inputs.preName", "code-injection", "generated"] + - ["stereokit/stereokit/.github/workflows/build.yml", "*", "inputs.pre", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml b/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml new file mode 100644 index 00000000000..74bdcb807c8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["streetsidesoftware/cspell/.github/workflows/reuseable-pr-from-artifact.yml", "*", "inputs.patch_path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml b/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml new file mode 100644 index 00000000000..4c0442abd2b --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["supabase/auth/.github/workflows/publish.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml new file mode 100644 index 00000000000..39c81d39066 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["supabase/cli/.github/workflows/mirror-image.yml", "*", "inputs.image", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml b/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml new file mode 100644 index 00000000000..82f5ba4be74 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tencent/hippy/.github/workflows/reuse_get_workflow_output.yml", "*", "inputs.workflow_run", "code-injection", "generated"] + - ["tencent/hippy/.github/workflows/reuse_classify_commits.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] + - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "inputs.pull_request_head_sha", "code-injection", "generated"] + - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "inputs.pull_request_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml b/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml new file mode 100644 index 00000000000..ffb08a8fa2e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tgstation/tgstation/.github/workflows/run_integration_tests.yml", "*", "inputs.map", "code-injection", "generated"] + - ["tgstation/tgstation/.github/workflows/run_integration_tests.yml", "*", "inputs.minor", "code-injection", "generated"] + - ["tgstation/tgstation/.github/workflows/run_integration_tests.yml", "*", "inputs.major", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml b/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml new file mode 100644 index 00000000000..4012908e7e9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["thesofproject/sof/.github/workflows/ipc_fuzzer.yml", "*", "inputs.fuzzing_duration_s", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml b/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml new file mode 100644 index 00000000000..a1af8280ebc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tiann/kernelsu/.github/workflows/ksud.yml", "*", "inputs.target", "code-injection", "generated"] + - ["tiann/kernelsu/.github/workflows/avd-kernel.yml", "*", "inputs.manifest_name", "code-injection", "generated"] + - ["tiann/kernelsu/.github/workflows/wsa-kernel.yml", "*", "inputs.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml b/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml new file mode 100644 index 00000000000..84de5681fea --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tiledb-inc/tiledb/.github/workflows/ci-linux_mac.yml", "*", "inputs.asan", "code-injection", "generated"] + - ["tiledb-inc/tiledb/.github/workflows/append-release-cmake.yml", "*", "inputs.ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml b/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml new file mode 100644 index 00000000000..c9e8b5c23c0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["toeverything/affine/.github/workflows/build-server-image.yml", "*", "inputs.flavor", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml b/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml new file mode 100644 index 00000000000..80dde7f2fc0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tracel-ai/burn/.github/workflows/publish-template.yml", "*", "inputs.crate", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml b/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml new file mode 100644 index 00000000000..1ffaa4e1cd0 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["tribler/tribler/.github/workflows/pytest_custom_ipv8.yml", "*", "inputs.ipv8-git-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml b/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml new file mode 100644 index 00000000000..48b35d83c70 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["ubisoft/sharpmake/.github/workflows/build.yml", "*", "inputs.framework", "code-injection", "generated"] + - ["ubisoft/sharpmake/.github/workflows/build.yml", "*", "inputs.configuration", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml b/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml new file mode 100644 index 00000000000..e1a0c8a9fcf --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["unity-technologies/ml-agents/.github/workflows/pytest.yml", "*", "inputs.pytest_markers", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml b/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml new file mode 100644 index 00000000000..71cd3fed3ed --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["urbit/urbit/.github/workflows/shared.yml", "*", "inputs.pace", "code-injection", "generated"] + - ["urbit/urbit/.github/workflows/shared.yml", "*", "inputs.next", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml b/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml new file mode 100644 index 00000000000..47f53f495f8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["uyuni-project/uyuni/.github/workflows/acceptance_tests_common.yml", "*", "inputs.server_id", "code-injection", "generated"] + - ["uyuni-project/uyuni/.github/workflows/acceptance_tests_common.yml", "*", "inputs.secondary_tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml b/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml new file mode 100644 index 00000000000..1b592aa91cc --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["vert-x3/vertx-hazelcast/.github/workflows/it.yml", "*", "inputs.hz", "code-injection", "generated"] + - ["vert-x3/vertx-hazelcast/.github/workflows/ci.yml", "*", "inputs.hz", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml b/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml new file mode 100644 index 00000000000..db4e957a87a --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["vkcom/vkui/.github/workflows/reusable_workflow_test.yml", "*", "inputs.workspace", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml b/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml new file mode 100644 index 00000000000..c3642c84f63 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["walletconnect/web3modal/.github/workflows/ui_tests.yml", "*", "inputs.command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml b/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml new file mode 100644 index 00000000000..3e6691f0e8f --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["warzone2100/warzone2100/.github/workflows/publish_web_build.yml", "*", "inputs.architecture", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml b/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml new file mode 100644 index 00000000000..733c2e20a71 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml @@ -0,0 +1,10 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["wasmedge/wasmedge/.github/workflows/reusable-create-source-tarball.yml", "*", "inputs.version", "code-injection", "generated"] + - ["wasmedge/wasmedge/.github/workflows/reusable-build-on-windows.yml", "*", "inputs.version", "code-injection", "generated"] + - ["wasmedge/wasmedge/.github/workflows/reusable-build-on-windows-msvc.yml", "*", "inputs.version", "code-injection", "generated"] + - ["wasmedge/wasmedge/.github/workflows/reusable-build-on-ubuntu.yml", "*", "inputs.version", "code-injection", "generated"] + - ["wasmedge/wasmedge/.github/workflows/reusable-build-on-manylinux.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml b/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml new file mode 100644 index 00000000000..cb80f74e4e8 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml @@ -0,0 +1,7 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["web-infra-dev/rspack/.github/workflows/reusable-build.yml", "*", "inputs.profile", "code-injection", "generated"] + - ["web-infra-dev/rspack/.github/workflows/reusable-build.yml", "*", "inputs.target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml b/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml new file mode 100644 index 00000000000..0f78ea086a6 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml @@ -0,0 +1,21 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["werf/werf/.github/workflows/_test_unit.yml", "*", "inputs.excludePackages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_unit.yml", "*", "inputs.packages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_unit.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_regular.yml", "*", "inputs.excludePackages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_regular.yml", "*", "inputs.packages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_regular.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_per-k8s-version.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_per-k8s-version-and-container-registry.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_integration_per-container-registry.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_regular.yml", "*", "inputs.excludePackages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_regular.yml", "*", "inputs.scope", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_regular.yml", "*", "inputs.packages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_regular.yml", "*", "inputs.coverage", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_per-k8s-version.yml", "*", "inputs.excludePackages", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_per-k8s-version.yml", "*", "inputs.scope", "code-injection", "generated"] + - ["werf/werf/.github/workflows/_test_e2e_per-k8s-version.yml", "*", "inputs.packages", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml b/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml new file mode 100644 index 00000000000..e2bf8f96fa9 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["widdix/aws-cf-templates/.github/workflows/acceptance-test-run.yml", "*", "inputs.tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml b/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml new file mode 100644 index 00000000000..4a8500a147e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["wildfly/wildfly/.github/workflows/shared-wildfly-build-and-test.yml", "*", "inputs.build-arguments", "code-injection", "generated"] + - ["wildfly/wildfly/.github/workflows/shared-wildfly-build-and-test.yml", "*", "inputs.test-arguments", "code-injection", "generated"] + - ["wildfly/wildfly/.github/workflows/shared-wildfly-build-and-test.yml", "*", "inputs.maven-repo-path", "code-injection", "generated"] + - ["wildfly/wildfly/.github/workflows/shared-wildfly-build.yml", "*", "inputs.git-log-number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml b/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml new file mode 100644 index 00000000000..3e362cebc58 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml @@ -0,0 +1,11 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "inputs.target", "code-injection", "generated"] + - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "inputs.source", "code-injection", "generated"] + - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "inputs.prerelease", "code-injection", "generated"] + - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "inputs.version", "code-injection", "generated"] + - ["yt-dlp/yt-dlp/.github/workflows/build.yml", "*", "inputs.version", "code-injection", "generated"] + - ["yt-dlp/yt-dlp/.github/workflows/build.yml", "*", "inputs.channel", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml b/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml new file mode 100644 index 00000000000..9e5f6e3541e --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml @@ -0,0 +1,8 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["zenml-io/zenml/.github/workflows/publish_docker_image.yml", "*", "inputs.config_file", "code-injection", "generated"] + - ["zenml-io/zenml/.github/workflows/integration-test-slow.yml", "*", "inputs.test_environment", "code-injection", "generated"] + - ["zenml-io/zenml/.github/workflows/integration-test-fast.yml", "*", "inputs.test_environment", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml b/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml new file mode 100644 index 00000000000..89fbb5dbf70 --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml @@ -0,0 +1,6 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["zephyrproject-rtos/zephyr/.github/workflows/ready-to-merge.yml", "*", "inputs.needs_context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml b/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml new file mode 100644 index 00000000000..26f9f659a2d --- /dev/null +++ b/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml @@ -0,0 +1,9 @@ +extensions: + - addsTo: + pack: githubsecuritylab/actions-all + extensible: sinkModel + data: + - ["zitadel/zitadel/.github/workflows/release.yml", "*", "inputs.image_name", "code-injection", "generated"] + - ["zitadel/zitadel/.github/workflows/release.yml", "*", "inputs.build_image_name", "code-injection", "generated"] + - ["zitadel/zitadel/.github/workflows/container.yml", "*", "inputs.build_image_name", "code-injection", "generated"] + - ["zitadel/zitadel/.github/workflows/compile.yml", "*", "inputs.version", "code-injection", "generated"] \ No newline at end of file