From a5c6df3070810e34500a5986b275ee1559cca432 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alvaro=20Mu=C3=B1oz?= Date: Mon, 3 Jun 2024 18:13:01 +0200 Subject: [PATCH] Move from yaml to js extractor --- .!79690!.DS_Store | 0 ql/lib/codeql-pack.lock.yml | 22 +++-- .../codeql/actions/dataflow/ExternalFlow.qll | 18 ++--- .../internal/ExternalFlowExtensions.qll | 6 +- ql/lib/ext/8398a7_action-slack.model.yml | 2 +- ...rSource_sonarcloud-github-action.model.yml | 2 +- ql/lib/ext/actions_github-script.model.yml | 2 +- ...ahmadnassri_action-changed-files.model.yml | 2 +- ql/lib/ext/akhileshns_heroku-deploy.model.yml | 4 +- ...nnn_action-semantic-pull-request.model.yml | 2 +- ql/lib/ext/anchore_sbom-action.model.yml | 2 +- ql/lib/ext/anchore_scan-action.model.yml | 2 +- .../ext/andresz1_size-limit-action.model.yml | 2 +- .../android-actions_setup-android.model.yml | 2 +- ...le-actions_import-codesign-certs.model.yml | 2 +- ql/lib/ext/asdf-vm_actions.model.yml | 2 +- ...taylor_read-json-property-action.model.yml | 2 +- ...ley-taylor_regex-property-action.model.yml | 2 +- .../aszc_change-string-case-action.model.yml | 2 +- ...ctions_configure-aws-credentials.model.yml | 2 +- .../axel-op_googlejavaformat-action.model.yml | 2 +- ql/lib/ext/azure_powershell.model.yml | 2 +- ql/lib/ext/bahmutov_npm-install.model.yml | 2 +- .../blackducksoftware_github-action.model.yml | 2 +- ql/lib/ext/bobheadxi_deployments.model.yml | 2 +- .../bufbuild_buf-breaking-action.model.yml | 4 +- ql/lib/ext/bufbuild_buf-lint-action.model.yml | 4 +- .../ext/bufbuild_buf-setup-action.model.yml | 2 +- ql/lib/ext/cachix_cachix-action.model.yml | 4 +- ql/lib/ext/changesets_action.model.yml | 2 +- .../ext/cloudflare_wrangler-action.model.yml | 2 +- ql/lib/ext/coursier_cache-action.model.yml | 2 +- .../crazy-max_ghaction-chocolatey.model.yml | 2 +- .../crazy-max_ghaction-import-gpg.model.yml | 2 +- .../csexton_release-asset-action.model.yml | 2 +- ...cycjimmy_semantic-release-action.model.yml | 2 +- ql/lib/ext/cypress-io_github-action.model.yml | 2 +- .../ext/dailydotdev_action-devcard.model.yml | 2 +- ...me_reportgenerator-github-action.model.yml | 2 +- .../daspn_private-actions-checkout.model.yml | 2 +- .../dawidd6_action-ansible-playbook.model.yml | 2 +- ...dawidd6_action-download-artifact.model.yml | 2 +- ql/lib/ext/delaguardo_setup-clojure.model.yml | 2 +- ...tesystems_magic-nix-cache-action.model.yml | 2 +- ...er-practice_actions-setup-docker.model.yml | 2 +- ql/lib/ext/docker_build-push-action.model.yml | 2 +- ql/lib/ext/endbug_latest-tag.model.yml | 2 +- ql/lib/ext/expo_expo-github-action.model.yml | 2 +- ...seextended_action-hosting-deploy.model.yml | 2 +- .../frabert_replace-string-action.model.yml | 2 +- ...nzdiebold_github-env-vars-action.model.yml | 2 +- ql/lib/ext/gabrielbb_xvfb-action.model.yml | 2 +- ql/lib/ext/game-ci_unity-builder.model.yml | 2 +- .../ext/game-ci_unity-test-runner.model.yml | 2 +- ...autamkrishnar_blog-post-workflow.model.yml | 2 +- ...ctions_actions-runner-controller.model.yml | 2 +- .../composite-actions/adap_flower.model.yml | 2 +- .../agoric_agoric-sdk.model.yml | 2 +- .../airbnb_lottie-ios.model.yml | 2 +- .../airbytehq_airbyte.model.yml | 2 +- .../amazon-ion_ion-java.model.yml | 2 +- .../composite-actions/anchore_grype.model.yml | 2 +- .../composite-actions/anchore_syft.model.yml | 2 +- .../angular_dev-infra.model.yml | 2 +- .../ansible_ansible-lint.model.yml | 2 +- .../composite-actions/ansible_awx.model.yml | 2 +- .../apache_arrow-datafusion.model.yml | 2 +- .../apache_arrow-rs.model.yml | 2 +- .../composite-actions/apache_arrow.model.yml | 2 +- .../apache_bookkeeper.model.yml | 2 +- .../composite-actions/apache_brpc.model.yml | 2 +- .../apache_camel-k.model.yml | 2 +- .../composite-actions/apache_camel.model.yml | 2 +- .../composite-actions/apache_flink.model.yml | 2 +- .../apache_incubator-kie-tools.model.yml | 2 +- .../composite-actions/apache_nuttx.model.yml | 2 +- .../apache_opendal.model.yml | 2 +- .../composite-actions/apache_pekko.model.yml | 2 +- .../apache_pulsar-helm-chart.model.yml | 2 +- .../apache_superset.model.yml | 2 +- .../appflowy-io_appflowy.model.yml | 2 +- .../aptos-labs_aptos-core.model.yml | 2 +- .../archivesspace_archivesspace.model.yml | 2 +- .../armadaproject_armada.model.yml | 2 +- .../composite-actions/armbian_build.model.yml | 2 +- .../auth0_auth0-java.model.yml | 2 +- .../auth0_auth0.net.model.yml | 2 +- .../auth0_auth0.swift.model.yml | 2 +- .../autogluon_autogluon.model.yml | 2 +- .../composite-actions/avaiga_taipy.model.yml | 2 +- .../aws-amplify_amplify-cli.model.yml | 2 +- ...ertools_powertools-lambda-python.model.yml | 2 +- .../aws_amazon-vpc-cni-k8s.model.yml | 2 +- .../aws_karpenter-provider-aws.model.yml | 2 +- .../awslabs_amazon-eks-ami.model.yml | 2 +- .../awslabs_aws-lambda-rust-runtime.model.yml | 2 +- .../azerothcore_azerothcore-wotlk.model.yml | 2 +- .../azure_azure-datafactory.model.yml | 2 +- .../badges_shields.model.yml | 2 +- .../balena-io_etcher.model.yml | 2 +- .../balena-os_balena-engine.model.yml | 2 +- .../ben-manes_caffeine.model.yml | 2 +- .../composite-actions/bokeh_bokeh.model.yml | 2 +- .../botpress_botpress.model.yml | 2 +- ...intree_braintree-android-drop-in.model.yml | 2 +- .../braintree_braintree_android.model.yml | 2 +- .../broadinstitute_gatk.model.yml | 2 +- .../canonical_multipass.model.yml | 2 +- .../chia-network_actions.model.yml | 2 +- .../chia-network_chia-blockchain.model.yml | 2 +- .../chipsalliance_chisel.model.yml | 2 +- .../chocobozzz_peertube.model.yml | 2 +- .../cilium_cilium-cli.model.yml | 2 +- .../composite-actions/cilium_cilium.model.yml | 2 +- .../citusdata_citus.model.yml | 2 +- .../clerk_javascript.model.yml | 2 +- .../cloud-custodian_cloud-custodian.model.yml | 2 +- .../cloudflare_workers-sdk.model.yml | 2 +- ...cloudfoundry_cloud_controller_ng.model.yml | 2 +- .../composite-actions/coder_coder.model.yml | 2 +- .../composite-actions/coil-kt_coil.model.yml | 2 +- .../commaai_openpilot.model.yml | 2 +- .../conan-io_conan-center-index.model.yml | 2 +- .../corretto_corretto-8.model.yml | 2 +- .../cosmos_cosmos-sdk.model.yml | 2 +- .../composite-actions/coturn_coturn.model.yml | 2 +- .../crunchydata_postgres-operator.model.yml | 2 +- .../composite-actions/cvc5_cvc5.model.yml | 2 +- .../composite-actions/d2l-ai_d2l-en.model.yml | 2 +- ...build-check-deploy-gradle-action.model.yml | 2 +- .../datadog_dd-trace-dotnet.model.yml | 2 +- .../datadog_dd-trace-go.model.yml | 2 +- .../datadog_dd-trace-js.model.yml | 2 +- .../datafuselabs_databend.model.yml | 2 +- .../davatorium_rofi.model.yml | 2 +- .../debezium_debezium.model.yml | 2 +- .../defenseunicorns_zarf.model.yml | 2 +- ...lifiees_demarches-simplifiees.fr.model.yml | 2 +- ...of-veterans-affairs_vets-website.model.yml | 2 +- .../devexpress_devextreme.model.yml | 2 +- .../diggerhq_digger.model.yml | 2 +- .../diku-dk_futhark.model.yml | 2 +- .../discourse_.github.model.yml | 2 +- .../dnsjava_dnsjava.model.yml | 2 +- .../dotintent_react-native-ble-plx.model.yml | 2 +- .../dotnet_docs-tools.model.yml | 2 +- .../dotnet_dotnet-monitor.model.yml | 2 +- .../dragonflydb_dragonfly.model.yml | 2 +- .../drawpile_drawpile.model.yml | 2 +- .../eksctl-io_eksctl.model.yml | 2 +- .../elastic_apm-agent-dotnet.model.yml | 2 +- .../elastic_apm-agent-java.model.yml | 2 +- .../elastic_apm-server.model copy.yml | 2 +- .../elementor_elementor.model.yml | 2 +- .../composite-actions/emberjs_data.model.yml | 2 +- .../composite-actions/emqx_emqx.model.yml | 2 +- .../eonasdan_tempus-dominus.model.yml | 2 +- .../composite-actions/erlang_otp.model.yml | 2 +- .../esphome_esphome.model.yml | 2 +- .../composite-actions/expensify_app.model.yml | 2 +- .../composite-actions/expo_expo.model.yml | 2 +- .../expo_vscode-expo.model.yml | 2 +- ...xternal-secrets_external-secrets.model.yml | 2 +- .../facebook_buck2.model.yml | 2 +- .../composite-actions/facebook_flow.model.yml | 2 +- .../composite-actions/facebook_yoga.model.yml | 2 +- .../facebookresearch_xformers.model.yml | 2 +- .../fastly_compute-actions.model.yml | 2 +- .../composite-actions/felangel_bloc.model.yml | 2 +- .../firebase_firebase-ios-sdk.model.yml | 2 +- .../flagsmith_flagsmith.model.yml | 2 +- .../flaxengine_flaxengine.model.yml | 2 +- ...pperdevices_flipperzero-firmware.model.yml | 2 +- .../composite-actions/fluxcd_flux2.model.yml | 2 +- .../forcedotcom_salesforcedx-vscode.model.yml | 2 +- .../fossasia_visdom.model.yml | 2 +- .../freckle_stack-action.model.yml | 2 +- .../freeradius_freeradius-server.model.yml | 2 +- .../composite-actions/gaphor_gaphor.model.yml | 2 +- .../getsentry_action-release.model.yml | 2 +- .../github_codeql-action.model.yml | 2 +- .../composite-actions/github_ruby.model.yml | 2 +- .../gittools_gitversion.model.yml | 2 +- .../go-spatial_tegola.model.yml | 2 +- .../goauthentik_authentik.model.yml | 2 +- .../godotengine_godot.model.yml | 2 +- .../composite-actions/google_dagger.model.yml | 2 +- .../googleapis_java-cloud-bom.model.yml | 2 +- .../googleapis_sdk-platform-java.model.yml | 2 +- ...ecloudplatform_dataflowtemplates.model.yml | 4 +- ...ooglecloudplatform_magic-modules.model.yml | 2 +- .../gravitational_teleport.model.yml | 2 +- .../grote_transportr.model.yml | 2 +- .../hashicorp_nomad.model.yml | 2 +- .../hashicorp_terraform.model.yml | 2 +- .../hashicorp_vault.model.yml | 4 +- .../home-assistant_android.model.yml | 2 +- .../homebrew_actions.model.yml | 2 +- ...erledger_aries-cloudagent-python.model.yml | 2 +- .../hyperledger_fabric-samples.model.yml | 2 +- .../igniterealtime_openfire.model.yml | 2 +- .../infracost_actions.model.yml | 2 +- ...nspektor-gadget_inspektor-gadget.model.yml | 2 +- .../intel-analytics_ipex-llm.model.yml | 2 +- .../ionic-team_ionic-framework.model.yml | 2 +- .../ionic-team_ionicons.model.yml | 2 +- .../ionic-team_stencil.model.yml | 2 +- .../composite-actions/ipfs_aegir.model.yml | 2 +- .../jetbrains_jetbrainsruntime.model.yml | 2 +- .../jhipster_generator-jhipster.model.yml | 4 +- .../jsocol_django-ratelimit.model.yml | 2 +- .../juicedata_juicefs.model.yml | 2 +- .../jupyter_docker-stacks.model.yml | 2 +- .../keycloak_keycloak.model.yml | 2 +- .../composite-actions/kserve_kserve.model.yml | 2 +- .../kubeflow_katib.model.yml | 2 +- .../kubeflow_training-operator.model.yml | 2 +- .../kubernetes-sigs_karpenter.model.yml | 2 +- .../kubernetes-sigs_kwok.model.yml | 2 +- .../kubescape_kubescape.model.yml | 2 +- .../kubeshop_botkube.model.yml | 2 +- .../kyverno_kyverno.model.yml | 2 +- .../composite-actions/lancedb_lance.model.yml | 2 +- .../launchdarkly_ios-client-sdk.model.yml | 2 +- .../layer5labs_meshmap-snapshot.model.yml | 2 +- .../ldc-developers_ldc.model.yml | 2 +- .../ledgerhq_ledger-live.model.yml | 2 +- .../composite-actions/lerna_lerna.model.yml | 2 +- .../composite-actions/lf-edge_eve.model.yml | 2 +- .../libgit2_libgit2.model.yml | 2 +- .../lightning-ai_pytorch-lightning.model.yml | 2 +- .../lightning-ai_torchmetrics.model.yml | 2 +- .../linkerd_linkerd2.model.yml | 4 +- .../logseq_publish-spa.model.yml | 2 +- .../macvim-dev_macvim.model.yml | 2 +- .../mamba-org_mamba.model.yml | 2 +- .../maplibre_maplibre-native.model.yml | 2 +- .../mastodon_mastodon.model.yml | 2 +- .../mavlink_qgroundcontrol.model.yml | 2 +- .../mdanalysis_mdanalysis.model.yml | 2 +- .../medic_cht-core.model.yml | 2 +- .../medusajs_medusa.model.yml | 2 +- .../metabase_metabase.model.yml | 2 +- ...etamask_action-create-release-pr.model.yml | 2 +- .../metamask_action-npm-publish.model.yml | 2 +- .../microsoft_fluentui.model.yml | 2 +- .../microsoft_playwright.model.yml | 2 +- .../composite-actions/microsoft_wsl.model.yml | 2 +- .../milvus-io_milvus.model.yml | 2 +- .../composite-actions/mlflow_mlflow.model.yml | 2 +- .../modin-project_modin.model.yml | 2 +- .../mozilla_addons-server.model.yml | 2 +- .../mozilla_bedrock.model.yml | 2 +- .../mozilla_sccache.model.yml | 2 +- .../msys2_setup-msys2.model.yml | 2 +- .../mumble-voip_mumble.model.yml | 2 +- .../composite-actions/nasa_fprime.model.yml | 2 +- .../nats-io_nats-server.model.yml | 2 +- ..._optic-release-automation-action.model.yml | 2 +- .../composite-actions/nektos_act.model.yml | 2 +- ...4j-contrib_neo4j-apoc-procedures.model.yml | 2 +- .../neondatabase_neon.model.yml | 2 +- .../composite-actions/neovim_neovim.model.yml | 2 +- .../composite-actions/nhost_nhost.model.yml | 2 +- .../nix-community_nixos-wsl.model.yml | 2 +- .../composite-actions/novuhq_novu.model.yml | 4 +- .../composite-actions/nymtech_nym.model.yml | 2 +- .../obsproject_obs-studio.model.yml | 2 +- .../composite-actions/ocaml_dune.model.yml | 2 +- .../oneflow-inc_oneflow.model.yml | 2 +- ...metry_opentelemetry-ruby-contrib.model.yml | 2 +- ...pen-telemetry_opentelemetry-ruby.model.yml | 2 +- .../open-watcom_open-watcom-v2.model.yml | 2 +- .../openapitools_openapi-generator.model.yml | 2 +- .../composite-actions/openjdk_jdk.model.yml | 2 +- ...pensearch-project_opensearch-net.model.yml | 2 +- .../opensearch-project_security.model.yml | 2 +- .../opentrons_opentrons.model.yml | 2 +- .../openvinotoolkit_openvino.model.yml | 2 +- ...enzeppelin-contracts-upgradeable.model.yml | 2 +- ...nzeppelin_openzeppelin-contracts.model.yml | 2 +- .../composite-actions/oppia_oppia.model.yml | 2 +- .../composite-actions/oracle_graal.model.yml | 2 +- .../oracle_truffleruby.model.yml | 2 +- .../orhun_git-cliff.model.yml | 2 +- .../composite-actions/oven-sh_bun.model.yml | 2 +- .../owntracks_android.model.yml | 2 +- .../pandas-dev_pandas.model.yml | 2 +- .../pardeike_harmony.model.yml | 2 +- .../pennylaneai_pennylane.model.yml | 2 +- .../phalcon_cphalcon.model.yml | 2 +- .../philosowaffle_peloton-to-garmin.model.yml | 4 +- .../composite-actions/php_php-src.model.yml | 2 +- .../phpdocumentor_phpdocumentor.model.yml | 2 +- ...necone-io_pinecone-python-client.model.yml | 2 +- .../composite-actions/pixijs_pixijs.model.yml | 2 +- .../posthog_posthog.model.yml | 2 +- .../composite-actions/primer_react.model.yml | 2 +- .../project-chip_connectedhomeip.model.yml | 2 +- .../projectnessie_nessie.model.yml | 2 +- .../composite-actions/psf_black.model.yml | 2 +- .../pyca_cryptography.model.yml | 2 +- .../pyg-team_pytorch_geometric.model.yml | 2 +- .../python-poetry_poetry.model.yml | 2 +- .../composite-actions/python_mypy.model.yml | 2 +- .../quarto-dev_quarto-cli.model.yml | 2 +- .../composite-actions/quay_clair.model.yml | 2 +- .../quickwit-oss_quickwit.model.yml | 2 +- .../composite-actions/r-lib_actions.model.yml | 2 +- .../randombit_botan.model.yml | 2 +- .../raspberrypi_documentation.model.yml | 2 +- .../ray-project_kuberay.model.yml | 2 +- .../readthedocs_actions.model.yml | 2 +- .../reflex-dev_reflex.model.yml | 2 +- .../renovatebot_renovate.model.yml | 2 +- .../rethinkdb_rethinkdb.model.yml | 2 +- .../composite-actions/risc0_risc0.model.yml | 2 +- .../rocketchat_rocket.chat.model.yml | 2 +- .../composite-actions/rook_rook.model.yml | 2 +- .../composite-actions/roots_trellis.model.yml | 2 +- .../composite-actions/ruby_debug.model.yml | 2 +- .../composite-actions/ruby_ruby.model.yml | 2 +- .../composite-actions/rusefi_rusefi.model.yml | 2 +- .../saltstack_salt.model.yml | 2 +- .../composite-actions/saltstack_salt.yml | 2 +- .../sap_sapmachine.model.yml | 2 +- .../scala-native_scala-native.model.yml | 2 +- .../composite-actions/scitools_iris.model.yml | 2 +- .../scylladb_scylla-operator.model.yml | 2 +- .../shader-slang_slang.model.yml | 2 +- .../shaka-project_shaka-player.model.yml | 2 +- ...ode_react-webpack-rails-tutorial.model.yml | 2 +- .../simple-icons_simple-icons.model.yml | 2 +- .../slint-ui_slint.model.yml | 2 +- .../solidusio_solidus.model.yml | 2 +- .../composite-actions/solo-io_gloo.model.yml | 2 +- .../composite-actions/sonarr_sonarr.model.yml | 2 +- .../sonic-pi-net_sonic-pi.model.yml | 2 +- .../spacedriveapp_spacedrive.model.yml | 2 +- .../spockframework_spock.model.yml | 2 +- .../spring-io_initializr.model.yml | 2 +- .../spring-io_start.spring.io.model.yml | 2 +- .../spring-projects_spring-boot.model.yml | 2 +- ...spring-projects_spring-framework.model.yml | 2 +- .../spring-projects_spring-graphql.model.yml | 2 +- .../square_workflow-kotlin.model.yml | 2 +- .../stefanprodan_podinfo.model.yml | 2 +- .../composite-actions/stellar_go.model.yml | 2 +- .../streetsidesoftware_cspell.model.yml | 4 +- .../subquery_subql.model.yml | 2 +- .../swagger-api_swagger-codegen.model.yml | 2 +- .../swagger-api_swagger-parser.model.yml | 2 +- .../tarantool_tarantool.model.yml | 2 +- .../telepresenceio_telepresence.model.yml | 2 +- .../tensorflow_datasets.model.yml | 2 +- .../texstudio-org_texstudio.model.yml | 2 +- .../toeverything_affine.model.yml | 2 +- .../treeverse_lakefs.model.yml | 2 +- .../trezor_trezor-firmware.model.yml | 2 +- .../tribler_tribler.model.yml | 2 +- .../trunk-io_trunk-action.model.yml | 2 +- .../composite-actions/unidata_metpy.model.yml | 2 +- .../unstructured-io_unstructured.model.yml | 2 +- .../composite-actions/vercel_turbo.model.yml | 2 +- .../vesoft-inc_nebula.model.yml | 2 +- .../composite-actions/vkcom_vkui.model.yml | 2 +- .../vuetifyjs_vuetify.model.yml | 2 +- .../wagoodman_dive.model.yml | 2 +- ...lletconnect_walletconnectswiftv2.model.yml | 2 +- .../composite-actions/wazuh_wazuh.model.yml | 2 +- .../web-infra-dev_rspack.model.yml | 2 +- .../webassembly_wabt.model.yml | 2 +- .../composite-actions/wntrblm_nox.model.yml | 2 +- .../composite-actions/xrplf_rippled.model.yml | 2 +- .../composite-actions/zcash_zcash.model.yml | 2 +- .../zenml-io_zenml.model.yml | 2 +- .../composite-actions/zeroc-ice_ice.model.yml | 2 +- .../0xpolygon_polygon-edge.model.yml | 2 +- .../reusable-workflows/8vim_8vim.model.yml | 2 +- .../actions_reusable-workflows.model.yml | 2 +- .../reusable-workflows/adap_flower.model.yml | 2 +- .../aio-libs_multidict.model.yml | 2 +- .../aio-libs_yarl.model.yml | 2 +- .../airbytehq_airbyte.model.yml | 2 +- .../alphagov_collections.model.yml | 2 +- .../alphagov_frontend.model.yml | 2 +- .../alphagov_publishing-api.model.yml | 2 +- .../reusable-workflows/apache_druid.model.yml | 2 +- .../reusable-workflows/apache_flink.model.yml | 2 +- .../reusable-workflows/apache_spark.model.yml | 2 +- .../argilla-io_argilla.model.yml | 2 +- .../argoproj_argo-cd.model.yml | 2 +- .../argoproj_argo-rollouts.model.yml | 2 +- .../aws-amplify_amplify-ui.model.yml | 2 +- .../reusable-workflows/azure_apiops.model.yml | 2 +- .../azure_mlops-templates.model.yml | 2 +- .../bbq-beets_avocaddo-cmw.model.yml | 2 +- .../bbq-beets_mobile-ci-cd.model.yml | 2 +- .../bbq-beets_yujincat-action.model.yml | 2 +- .../bdunderscore_modular-avatar.model.yml | 2 +- .../benc-uk_workflow-dispatch.model.yml | 2 +- .../bridgecrewio_checkov.model.yml | 2 +- .../bugsnag_bugsnag-ruby.model.yml | 2 +- ...ecodealliance_wasm-micro-runtime.model.yml | 2 +- .../celo-org_celo-blockchain.model.yml | 2 +- .../cemu-project_cemu.model.yml | 2 +- .../cesiumgs_cesium-unreal.model.yml | 2 +- .../reusable-workflows/cgal_cgal.model.yml | 2 +- .../checkstyle_checkstyle.model.yml | 2 +- .../chia-network_actions.model.yml | 2 +- .../chipsalliance_chisel.model.yml | 2 +- .../clickhouse_clickhouse.model.yml | 2 +- .../cloudfoundry_cli.model.yml | 2 +- ...thub-action-matrix-outputs-write.model.yml | 2 +- .../cocotb_cocotb.model.yml | 2 +- .../codeigniter4_codeigniter4.model.yml | 2 +- .../com-lihaoyi_mill.model.yml | 2 +- .../cosmos_ibc-go.model.yml | 2 +- .../crowdsecurity_crowdsec.model.yml | 2 +- .../cryptomator_cryptomator.model.yml | 2 +- .../daeuniverse_dae.model.yml | 2 +- .../dafny-lang_dafny.model.yml | 2 +- .../dagger_dagger.model.yml | 2 +- .../dash-industry-forum_dash.js.model.yml | 2 +- .../datadog_dd-trace-go.model.yml | 2 +- .../datadog_dd-trace-py.model.yml | 2 +- .../datafuselabs_databend.model.yml | 2 +- .../dbt-labs_dbt-bigquery.model.yml | 2 +- .../dbt-labs_dbt-core.model.yml | 2 +- .../dbt-labs_dbt-snowflake.model.yml | 2 +- .../decidim_decidim.model.yml | 2 +- .../defectdojo_django-defectdojo.model.yml | 2 +- ...dependencytrack_dependency-track.model.yml | 2 +- .../devexpress_testcafe.model.yml | 2 +- .../dfhack_dfhack.model.yml | 2 +- .../docker_build-push-action.model.yml | 2 +- .../dragonwell-project_dragonwell11.model.yml | 2 +- .../earthly_earthly.model.yml | 2 +- .../eclipse-vertx_vert.x.model.yml | 2 +- .../eclipse-vertx_vertx-sql-client.model.yml | 2 +- .../elastic_elasticsearch-net.model.yml | 2 +- .../element-hq_element-desktop.model.yml | 4 +- .../envoyproxy_envoy.model.yml | 2 +- .../etcd-io_bbolt.model.yml | 2 +- .../reusable-workflows/etcd-io_etcd.model.yml | 2 +- .../eventstore_eventstore.model.yml | 2 +- .../expensify_app.model.yml | 2 +- ...xternal-secrets_external-secrets.model.yml | 2 +- .../facebook_create-react-app.model.yml | 2 +- .../facebookresearch_xformers.model.yml | 2 +- .../falcosecurity_falco.model.yml | 2 +- .../fastify_fastify.model.yml | 2 +- .../ferretdb_ferretdb.model.yml | 2 +- .../filecoin-project_venus.model.yml | 2 +- .../firebase_firebase-unity-sdk.model.yml | 2 +- .../flarum_framework.model.yml | 2 +- .../fluent_fluent-bit.model.yml | 2 +- .../flux-iac_tofu-controller.model.yml | 2 +- .../flyteorg_flyte.model.yml | 2 +- .../foundatiofx_foundatio.model.yml | 2 +- .../freecad_freecad.model.yml | 2 +- .../getpelican_pelican.model.yml | 2 +- .../getporter_porter.model.yml | 2 +- .../getsentry_sentry-dart.model.yml | 2 +- .../getsentry_sentry-unity.model.yml | 2 +- .../gitpod-io_gitpod.model.yml | 2 +- .../gittools_gitversion.model.yml | 2 +- ...ooglecloudplatform_magic-modules.model.yml | 2 +- ...loudplatform_nodejs-docs-samples.model.yml | 2 +- .../gravitational_teleport.model.yml | 2 +- .../gravitl_netmaker.model.yml | 2 +- .../reusable-workflows/h2oai_wave.model.yml | 2 +- .../hadashia_vcontainer.model.yml | 2 +- .../hashgraph_hedera-services.model.yml | 2 +- .../hashicorp_boundary.model.yml | 2 +- .../hashicorp_consul.model.yml | 2 +- .../hashicorp_terraform-cdk.model.yml | 2 +- ...hashicorp_terraform-provider-tfe.model.yml | 2 +- .../hashicorp_terraform.model.yml | 2 +- .../hashicorp_vault.model.yml | 4 +- .../reusable-workflows/heroku_cli.model.yml | 2 +- .../hitobito_hitobito.model.yml | 4 +- .../home-assistant_operating-system.model.yml | 2 +- .../homuler_mediapipeunityplugin.model.yml | 2 +- .../huggingface_doc-builder.model.yml | 2 +- .../huggingface_transformers.model.yml | 2 +- .../hyperion-project_hyperion.ng.model.yml | 2 +- .../reusable-workflows/ibm_sarama.model.yml | 2 +- ...nloader_icloud_photos_downloader.model.yml | 2 +- .../immich-app_immich.model.yml | 2 +- .../reusable-workflows/inria_spoon.model.yml | 2 +- ...el-device-plugins-for-kubernetes.model.yml | 2 +- .../inverse-inc_packetfence.model.yml | 2 +- .../reusable-workflows/ispc_ispc.model.yml | 2 +- ..._intellij-platform-gradle-plugin.model.yml | 2 +- .../jupyter_docker-stacks.model.yml | 2 +- .../kairos-io_kairos.model.yml | 2 +- .../kanidm_kanidm.model.yml | 2 +- .../kata-containers_kata-containers.model.yml | 2 +- .../reusable-workflows/kiali_kiali.model.yml | 2 +- .../kotest_kotest.model.yml | 2 +- .../kubernetes_ingress-nginx.model.yml | 2 +- .../kubescape_kubescape.model.yml | 2 +- .../kubeshop_botkube.model.yml | 4 +- .../reusable-workflows/kumahq_kuma.model.yml | 2 +- .../labring_sealos.model.yml | 2 +- .../laion-ai_open-assistant.model.yml | 2 +- .../learningequality_kolibri.model.yml | 2 +- .../lensesio_stream-reactor.model.yml | 2 +- .../leptos-rs_leptos.model.yml | 2 +- .../lightning-ai_pytorch-lightning.model.yml | 2 +- .../liquibase_liquibase.model.yml | 2 +- .../litestar-org_litestar.model.yml | 2 +- .../reusable-workflows/llvm_circt.model.yml | 2 +- .../lnbits_lnbits.model.yml | 2 +- .../lutris_lutris.model.yml | 2 +- .../reusable-workflows/mailu_mailu.model.yml | 2 +- .../mamba-org_mamba.model.yml | 2 +- ...anticoresoftware_manticoresearch.model.yml | 2 +- .../marcelotduarte_cx_freeze.model.yml | 2 +- ...xaml_materialdesigninxamltoolkit.model.yml | 2 +- .../matter-labs_zksync-era.model.yml | 2 +- .../mattermost_desktop.model.yml | 2 +- .../mattermost_mattermost.model.yml | 2 +- .../mealie-recipes_mealie.model.yml | 2 +- .../meshery_meshery.model.yml | 2 +- .../meshtastic_firmware.model.yml | 2 +- .../microcks_microcks.model.yml | 2 +- ...crosoft_applicationinsights-java.model.yml | 2 +- .../microsoft_chat-copilot.model.yml | 2 +- .../microsoft_msquic.model.yml | 2 +- .../microsoft_oryx.model.yml | 2 +- .../microsoft_pr-metrics.model.yml | 2 +- ...oft_react-native-windows-samples.model.yml | 2 +- .../microsoft_vscode-cpptools.model.yml | 2 +- .../moby_buildkit.model.yml | 2 +- .../reusable-workflows/moby_moby.model.yml | 2 +- .../mosaicml_composer.model.yml | 2 +- .../msys2_setup-msys2.model.yml | 2 +- .../mudler_localai.model.yml | 2 +- .../mustardchef_wsabuilds.model.yml | 2 +- .../reusable-workflows/n8n-io_n8n.model.yml | 2 +- .../napari_napari.model.yml | 2 +- .../reusable-workflows/nasa_fprime.model.yml | 2 +- .../nautobot_nautobot.model.yml | 2 +- .../reusable-workflows/nektos_act.model.yml | 2 +- .../neondatabase_neon.model.yml | 2 +- .../neovim_neovim.model.yml | 2 +- .../nethermindeth_nethermind.model.yml | 2 +- .../newrelic_newrelic-dotnet-agent.model.yml | 2 +- .../newrelic_newrelic-java-agent.model.yml | 2 +- .../newrelic_node-newrelic.model.yml | 2 +- .../nexus-mods_nexusmods.app.model.yml | 2 +- .../nginxinc_kubernetes-ingress.model.yml | 2 +- .../nocodb_nocodb.model.yml | 2 +- .../reusable-workflows/novuhq_novu.model.yml | 2 +- .../npm_abbrev-js.model.yml | 2 +- .../reusable-workflows/npm_cli.model.yml | 2 +- .../npm_fs-minipass.model.yml | 2 +- .../npm_hosted-git-info.model.yml | 2 +- .../reusable-workflows/npm_ini.model.yml | 2 +- ...pm_json-parse-even-better-errors.model.yml | 2 +- .../npm_minify-registry-metadata.model.yml | 2 +- .../npm_mute-stream.model.yml | 2 +- .../npm_node-semver.model.yml | 2 +- .../npm_node-which.model.yml | 2 +- .../reusable-workflows/npm_nopt.model.yml | 2 +- .../npm_normalize-package-data.model.yml | 2 +- .../npm_write-file-atomic.model.yml | 2 +- .../onflow_cadence.model.yml | 2 +- .../open-goal_jak-project.model.yml | 2 +- ...pen-telemetry_opentelemetry-demo.model.yml | 2 +- ...try_opentelemetry-dotnet-contrib.model.yml | 2 +- ...n-telemetry_opentelemetry-dotnet.model.yml | 2 +- ...entelemetry-java-instrumentation.model.yml | 2 +- ...lemetry_opentelemetry-js-contrib.model.yml | 2 +- ...telemetry_opentelemetry-operator.model.yml | 2 +- .../openbao_openbao.model.yml | 2 +- .../openhab_openhab-docs.model.yml | 2 +- .../openmined_pysyft.model.yml | 2 +- .../opentofu_opentofu.model.yml | 2 +- .../openttd_openttd.model.yml | 2 +- .../openvinotoolkit_openvino.model.yml | 2 +- .../reusable-workflows/openxla_iree.model.yml | 2 +- .../reusable-workflows/openzfs_zfs.model.yml | 2 +- ...ator-framework_java-operator-sdk.model.yml | 2 +- .../orange-opensource_hurl.model.yml | 2 +- ...aolosalvatori_servicebusexplorer.model.yml | 2 +- .../parcel-bundler_parcel.model.yml | 2 +- .../pardeike_harmony.model.yml | 2 +- .../reusable-workflows/pcsx2_pcsx2.model.yml | 2 +- .../pennylaneai_pennylane.model.yml | 2 +- ...necone-io_pinecone-python-client.model.yml | 2 +- .../pixie-io_pixie.model.yml | 2 +- .../plantuml_plantuml.model.yml | 2 +- .../powerdns_pdns.model.yml | 2 +- .../preactjs_preact.model.yml | 2 +- .../prismlauncher_prismlauncher.model.yml | 2 +- .../product-os_flowzone.model.yml | 2 +- .../project-oak_oak.model.yml | 2 +- .../reusable-workflows/prql_prql.model.yml | 2 +- .../pulumi_pulumi.model.yml | 2 +- .../puppeteer_puppeteer.model.yml | 2 +- .../puppetlabs_puppetlabs-puppetdb.model.yml | 2 +- .../reusable-workflows/pyo3_maturin.model.yml | 2 +- .../reusable-workflows/pyo3_pyo3.model.yml | 2 +- .../python_cpython.model.yml | 2 +- .../pytorch_botorch.model.yml | 2 +- .../reusable-workflows/pytorch_xla.model.yml | 2 +- .../quarto-dev_quarto-cli.model.yml | 2 +- .../rancher_dashboard.model.yml | 2 +- .../rasterio_rasterio.model.yml | 2 +- .../redisearch_redisearch.model.yml | 2 +- .../remix-run_remix.model.yml | 2 +- .../rmcrackan_libation.model.yml | 2 +- .../rocketchat_rocket.chat.model.yml | 2 +- .../ruby_ruby.wasm.model.yml | 2 +- .../rustdesk_rustdesk.model.yml | 2 +- .../saadeghi_daisyui.model.yml | 2 +- .../sagemath_sage.model.yml | 2 +- .../schemastore_schemastore.model.yml | 2 +- .../scikit-learn_scikit-learn.model.yml | 2 +- .../seleniumhq_selenium.model.yml | 2 +- .../shaka-project_shaka-packager.model.yml | 2 +- .../shaka-project_shaka-player.model.yml | 2 +- .../shimataro_ssh-key-action.model.yml | 2 +- .../softfever_orcaslicer.model.yml | 2 +- ...-mansion_react-native-reanimated.model.yml | 2 +- .../solana-labs_solana.model.yml | 2 +- .../sonarr_sonarr.model.yml | 2 +- .../speedb-io_speedb.model.yml | 2 +- ...ring-cloud_spring-cloud-dataflow.model.yml | 2 +- .../sqlfluff_sqlfluff.model.yml | 2 +- .../stdlib-js_stdlib.model.yml | 2 +- .../stereokit_stereokit.model.yml | 2 +- .../streetsidesoftware_cspell.model.yml | 4 +- .../supabase_auth.model.yml | 2 +- .../reusable-workflows/supabase_cli.model.yml | 2 +- .../tencent_hippy.model.yml | 4 +- .../tgstation_tgstation.model.yml | 2 +- .../thesofproject_sof.model.yml | 2 +- .../tiann_kernelsu.model.yml | 2 +- .../tiledb-inc_tiledb.model.yml | 2 +- .../toeverything_affine.model.yml | 2 +- .../tracel-ai_burn.model.yml | 2 +- .../tribler_tribler.model.yml | 2 +- .../ubisoft_sharpmake.model.yml | 2 +- .../unity-technologies_ml-agents.model.yml | 2 +- .../reusable-workflows/urbit_urbit.model.yml | 2 +- .../uyuni-project_uyuni.model.yml | 2 +- .../vert-x3_vertx-hazelcast.model.yml | 2 +- .../reusable-workflows/vkcom_vkui.model.yml | 2 +- .../walletconnect_web3modal.model.yml | 2 +- .../warzone2100_warzone2100.model.yml | 2 +- .../wasmedge_wasmedge.model.yml | 2 +- .../web-infra-dev_rspack.model.yml | 2 +- .../reusable-workflows/werf_werf.model.yml | 2 +- .../widdix_aws-cf-templates.model.yml | 2 +- .../wildfly_wildfly.model.yml | 2 +- .../yt-dlp_yt-dlp.model.yml | 2 +- .../zenml-io_zenml.model.yml | 2 +- .../zephyrproject-rtos_zephyr.model.yml | 2 +- .../zitadel_zitadel.model.yml | 4 +- ql/lib/ext/getsentry_action-release.model.yml | 2 +- ql/lib/ext/github_codeql-action.model.yml | 2 +- .../ext/go-semantic-release_action.model.yml | 2 +- .../golangci_golangci-lint-action.model.yml | 2 +- .../ext/gonuit_heroku-docker-deploy.model.yml | 2 +- .../goreleaser_goreleaser-action.model.yml | 2 +- ...te-or-update-pull-request-action.model.yml | 2 +- .../ext/gradle_gradle-build-action.model.yml | 2 +- ql/lib/ext/haya14busa_action-cond.model.yml | 2 +- ql/lib/ext/hexlet_project-action.model.yml | 2 +- ql/lib/ext/ilammy_msvc-dev-cmd.model.yml | 2 +- ql/lib/ext/ilammy_setup-nasm.model.yml | 2 +- ql/lib/ext/imjohnbo_issue-bot.model.yml | 2 +- ql/lib/ext/iterative_setup-cml.model.yml | 2 +- ql/lib/ext/iterative_setup-dvc.model.yml | 2 +- ...sives_github-pages-deploy-action.model.yml | 2 +- .../ext/jitterbit_get-changed-files.model.yml | 2 +- .../ext/johnnymorganz_stylua-action.model.yml | 2 +- ql/lib/ext/jsdaniell_create-json.model.yml | 2 +- .../ext/jurplel_install-qt-action.model.yml | 2 +- ql/lib/ext/jwalton_gh-ecr-push.model.yml | 4 +- ...han_pull-request-comment-trigger.model.yml | 2 +- ...leci-artifacts-redirector-action.model.yml | 2 +- ql/lib/ext/leafo_gh-actions-lua.model.yml | 2 +- .../ext/leafo_gh-actions-luarocks.model.yml | 2 +- .../lucasbento_auto-close-issues.model.yml | 2 +- ..._actions-find-and-replace-string.model.yml | 2 +- ql/lib/ext/magefile_mage-action.model.yml | 2 +- ql/lib/ext/maierj_fastlane-action.model.yml | 2 +- .../manusa_actions-setup-minikube.model.yml | 2 +- ql/lib/ext/marocchino_on_artifact.model.yml | 2 +- ql/lib/ext/mattdavis0351_actions.model.yml | 4 +- .../ext/meteorengineer_setup-meteor.model.yml | 2 +- ...tro-digital_setup-tools-for-waas.model.yml | 2 +- ql/lib/ext/microsoft_setup-msbuild.model.yml | 2 +- ...mishakav_pytest-coverage-comment.model.yml | 2 +- ...hers-excellent_docker-build-push.model.yml | 2 +- ql/lib/ext/msys2_setup-msys2.model.yml | 2 +- ql/lib/ext/mxschmitt_action-tmate.model.yml | 2 +- ql/lib/ext/mymindstorm_setup-emsdk.model.yml | 4 +- .../ext/nanasess_setup-chromedriver.model.yml | 2 +- ql/lib/ext/nanasess_setup-php.model.yml | 2 +- ql/lib/ext/nick-fields_retry.model.yml | 2 +- ql/lib/ext/octokit_graphql-action.model.yml | 2 +- ql/lib/ext/octokit_request-action.model.yml | 2 +- ql/lib/ext/olafurpg_setup-scala.model.yml | 2 +- .../paambaati_codeclimate-action.model.yml | 2 +- .../peter-evans_create-pull-request.model.yml | 2 +- ...-murray_issue-body-parser-action.model.yml | 2 +- .../ext/plasmicapp_plasmic-action.model.yml | 2 +- .../preactjs_compressed-size-action.model.yml | 2 +- ql/lib/ext/py-actions_flake8.model.yml | 2 +- ...py-actions_py-dependency-install.model.yml | 2 +- ql/lib/ext/pyo3_maturin-action.model.yml | 2 +- ...vecircus_android-emulator-runner.model.yml | 2 +- ...bers-in-action_download-artifact.model.yml | 2 +- ql/lib/ext/reggionick_s3-deploy.model.yml | 2 +- .../ext/renovatebot_github-action.model.yml | 2 +- .../ext/roots_issue-closer-action.model.yml | 2 +- ql/lib/ext/ros-tooling_setup-ros.model.yml | 2 +- ql/lib/ext/ruby_setup-ruby.model.yml | 4 +- ...ction-detect-and-tag-new-version.model.yml | 4 +- ql/lib/ext/sergeysova_jq-action.model.yml | 2 +- ...shallwefootball_upload-s3-action.model.yml | 2 +- .../shogo82148_actions-setup-perl.model.yml | 2 +- ...skitionek_notify-microsoft-teams.model.yml | 2 +- ql/lib/ext/snow-actions_eclint.model.yml | 2 +- .../ext/stackhawk_hawkscan-action.model.yml | 2 +- .../ext/step-security_harden-runner.model.yml | 2 +- .../suisei-cn_actions-download-file.model.yml | 2 +- ql/lib/ext/tibdex_backport.model.yml | 2 +- ql/lib/ext/timheuer_base64-to-file.model.yml | 2 +- ql/lib/ext/tj-actions_branch-names.model.yml | 2 +- .../ext/trilom_file-changes-action.model.yml | 2 +- ...ss_conventional-changelog-action.model.yml | 2 +- .../tryghost_action-deploy-theme.model.yml | 2 +- ql/lib/ext/tzkhan_pr-update-action.model.yml | 2 +- ql/lib/ext/veracode_veracode-sca.model.yml | 2 +- .../ext/wearerequired_lint-action.model.yml | 2 +- ql/lib/ext/webfactory_ssh-agent.model.yml | 2 +- .../xt0rted_slash-command-action.model.yml | 2 +- ql/lib/ext/zaproxy_action-baseline.model.yml | 2 +- ql/lib/ext/zaproxy_action-full-scan.model.yml | 2 +- ql/lib/qlpack.gbo | 13 --- ql/lib/qlpack.yml | 15 ++-- ql/lib/yaml.dbscheme | 80 ------------------- ql/lib/yaml.dbscheme.stats | 4 - ql/src/codeql-pack.lock.yml | 6 ++ ql/src/qlpack.yml | 7 +- ql/test/codeql-pack.lock.yml | 6 ++ ql/test/library-tests/test.ql | 4 +- ql/test/qlpack.yml | 6 +- 755 files changed, 819 insertions(+), 898 deletions(-) create mode 100644 .!79690!.DS_Store delete mode 100644 ql/lib/qlpack.gbo delete mode 100644 ql/lib/yaml.dbscheme delete mode 100644 ql/lib/yaml.dbscheme.stats diff --git a/.!79690!.DS_Store b/.!79690!.DS_Store new file mode 100644 index 00000000000..e69de29bb2d diff --git a/ql/lib/codeql-pack.lock.yml b/ql/lib/codeql-pack.lock.yml index 84a6ccba26d..c060ce97430 100644 --- a/ql/lib/codeql-pack.lock.yml +++ b/ql/lib/codeql-pack.lock.yml @@ -2,15 +2,25 @@ lockVersion: 1.0.0 dependencies: codeql/controlflow: - version: 0.1.8 + version: 0.1.16 codeql/dataflow: - version: 0.1.8 + version: 0.2.7 + codeql/javascript-all: + version: 0.9.1 + codeql/mad: + version: 0.2.16 + codeql/regex: + version: 0.2.16 codeql/ssa: - version: 0.2.8 + version: 0.2.16 + codeql/tutorial: + version: 0.2.16 codeql/typetracking: - version: 0.2.8 + version: 0.2.16 codeql/util: - version: 0.2.8 + version: 0.2.16 + codeql/xml: + version: 0.0.3 codeql/yaml: - version: 0.1.5 + version: 0.2.16 compiled: false diff --git a/ql/lib/codeql/actions/dataflow/ExternalFlow.qll b/ql/lib/codeql/actions/dataflow/ExternalFlow.qll index c46a3ee64a1..d0b84f918d5 100644 --- a/ql/lib/codeql/actions/dataflow/ExternalFlow.qll +++ b/ql/lib/codeql/actions/dataflow/ExternalFlow.qll @@ -55,8 +55,8 @@ predicate externallyTriggerableEventsDataModel(string event) { * - output arg: To node (prefixed with either `env.` or `output.`) * - provenance: verification of the model */ -predicate sourceModel(string action, string version, string output, string kind, string provenance) { - Extensions::sourceModel(action, version, output, kind, provenance) +predicate actionsSourceModel(string action, string version, string output, string kind, string provenance) { + Extensions::actionsSourceModel(action, version, output, kind, provenance) } /** @@ -69,10 +69,10 @@ predicate sourceModel(string action, string version, string output, string kind, * - kind: Either 'Taint' or 'Value' * - provenance: verification of the model */ -predicate summaryModel( +predicate actionsSummaryModel( string action, string version, string input, string output, string kind, string provenance ) { - Extensions::summaryModel(action, version, input, output, kind, provenance) + Extensions::actionsSummaryModel(action, version, input, output, kind, provenance) } /** @@ -84,13 +84,13 @@ predicate summaryModel( * - kind: sink kind * - provenance: verification of the model */ -predicate sinkModel(string action, string version, string input, string kind, string provenance) { - Extensions::sinkModel(action, version, input, kind, provenance) +predicate actionsSinkModel(string action, string version, string input, string kind, string provenance) { + Extensions::actionsSinkModel(action, version, input, kind, provenance) } predicate externallyDefinedSource(DataFlow::Node source, string sourceType, string fieldName) { exists(Uses uses, string action, string version, string kind | - sourceModel(action, version, fieldName, kind, _) and + actionsSourceModel(action, version, fieldName, kind, _) and uses.getCallee() = action.toLowerCase() and ( if version.trim() = "*" @@ -113,7 +113,7 @@ predicate externallyDefinedStoreStep( DataFlow::Node pred, DataFlow::Node succ, DataFlow::ContentSet c ) { exists(Uses uses, string action, string version, string input, string output | - summaryModel(action, version, input, output, "taint", _) and + actionsSummaryModel(action, version, input, output, "taint", _) and c = any(DataFlow::FieldContent ct | ct.getName() = output.replaceAll("output.", "")) and uses.getCallee() = action.toLowerCase() and ( @@ -135,7 +135,7 @@ predicate externallyDefinedStoreStep( predicate externallyDefinedSink(DataFlow::Node sink, string kind) { exists(Uses uses, string action, string version, string input | - sinkModel(action, version, input, kind, _) and + actionsSinkModel(action, version, input, kind, _) and uses.getCallee() = action.toLowerCase() and ( if input.trim().matches("env.%") diff --git a/ql/lib/codeql/actions/dataflow/internal/ExternalFlowExtensions.qll b/ql/lib/codeql/actions/dataflow/internal/ExternalFlowExtensions.qll index 6c64b72e6b4..05f71cfc0be 100644 --- a/ql/lib/codeql/actions/dataflow/internal/ExternalFlowExtensions.qll +++ b/ql/lib/codeql/actions/dataflow/internal/ExternalFlowExtensions.qll @@ -5,21 +5,21 @@ /** * Holds if a source model exists for the given parameters. */ -extensible predicate sourceModel( +extensible predicate actionsSourceModel( string action, string version, string output, string kind, string provenance ); /** * Holds if a summary model exists for the given parameters. */ -extensible predicate summaryModel( +extensible predicate actionsSummaryModel( string action, string version, string input, string output, string kind, string provenance ); /** * Holds if a sink model exists for the given parameters. */ -extensible predicate sinkModel( +extensible predicate actionsSinkModel( string action, string version, string input, string kind, string provenance ); diff --git a/ql/lib/ext/8398a7_action-slack.model.yml b/ql/lib/ext/8398a7_action-slack.model.yml index 67455900ec3..b897e8f2c5a 100644 --- a/ql/lib/ext/8398a7_action-slack.model.yml +++ b/ql/lib/ext/8398a7_action-slack.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["8398a7/action-slack", "*", "input.custom_payload", "code-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/SonarSource_sonarcloud-github-action.model.yml b/ql/lib/ext/SonarSource_sonarcloud-github-action.model.yml index 0220f0d54d8..3a5b34880b9 100644 --- a/ql/lib/ext/SonarSource_sonarcloud-github-action.model.yml +++ b/ql/lib/ext/SonarSource_sonarcloud-github-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["SonarSource/sonarcloud-github-action", "*", "input.args", "secret-exfiltration", "manual"] diff --git a/ql/lib/ext/actions_github-script.model.yml b/ql/lib/ext/actions_github-script.model.yml index 9b36680af8f..20abd532872 100644 --- a/ql/lib/ext/actions_github-script.model.yml +++ b/ql/lib/ext/actions_github-script.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["actions/github-script", "*", "input.script", "code-injection", "manual"] diff --git a/ql/lib/ext/ahmadnassri_action-changed-files.model.yml b/ql/lib/ext/ahmadnassri_action-changed-files.model.yml index fe3c3e58b5f..dcc20433483 100644 --- a/ql/lib/ext/ahmadnassri_action-changed-files.model.yml +++ b/ql/lib/ext/ahmadnassri_action-changed-files.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["ahmadnassri/action-changed-files", "*", "output.files", "filename", "manual"] - ["ahmadnassri/action-changed-files", "*", "output.json", "json", "manual"] diff --git a/ql/lib/ext/akhileshns_heroku-deploy.model.yml b/ql/lib/ext/akhileshns_heroku-deploy.model.yml index 41b67c2a625..3afd9991e07 100644 --- a/ql/lib/ext/akhileshns_heroku-deploy.model.yml +++ b/ql/lib/ext/akhileshns_heroku-deploy.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["akhileshns/heroku-deploy", "*", "input.branch", "output.status", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["akhileshns/heroku-deploy", "*", "input.heroku_app_name", "command-injection", "manual"] - ["akhileshns/heroku-deploy", "*", "input.buildpack", "command-injection", "manual"] diff --git a/ql/lib/ext/amannn_action-semantic-pull-request.model.yml b/ql/lib/ext/amannn_action-semantic-pull-request.model.yml index 4d12a293696..3deae2a9f19 100644 --- a/ql/lib/ext/amannn_action-semantic-pull-request.model.yml +++ b/ql/lib/ext/amannn_action-semantic-pull-request.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["amannn/action-semantic-pull-request", "*", "output.error_message", "text", "manual"] diff --git a/ql/lib/ext/anchore_sbom-action.model.yml b/ql/lib/ext/anchore_sbom-action.model.yml index 7cb2e10e926..7dd0459ab7f 100644 --- a/ql/lib/ext/anchore_sbom-action.model.yml +++ b/ql/lib/ext/anchore_sbom-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["anchore/sbom-action", "*", "input.syft-version", "command-injection", "manual"] - ["anchore/sbom-action", "*", "input.format", "command-injection", "manual"] diff --git a/ql/lib/ext/anchore_scan-action.model.yml b/ql/lib/ext/anchore_scan-action.model.yml index 83f09bc6bde..721042aafaf 100644 --- a/ql/lib/ext/anchore_scan-action.model.yml +++ b/ql/lib/ext/anchore_scan-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["anchore/scan-action", "*", "input.grype-version", "command-injection", "manual"] diff --git a/ql/lib/ext/andresz1_size-limit-action.model.yml b/ql/lib/ext/andresz1_size-limit-action.model.yml index bdd8a8f77c9..ee4dbaf2b55 100644 --- a/ql/lib/ext/andresz1_size-limit-action.model.yml +++ b/ql/lib/ext/andresz1_size-limit-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["andresz1/size-limit-action", "*", "input.package_manager", "command-injection", "manual"] - ["andresz1/size-limit-action", "*", "input.build_script", "command-injection", "manual"] diff --git a/ql/lib/ext/android-actions_setup-android.model.yml b/ql/lib/ext/android-actions_setup-android.model.yml index 7e5f5c9ee6a..76ae920d255 100644 --- a/ql/lib/ext/android-actions_setup-android.model.yml +++ b/ql/lib/ext/android-actions_setup-android.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["android-actions/setup-android", "*", "input.cmdline-tools-version", "output.ANDROID_COMMANDLINE_TOOLS_VERSION", "taint", "manual"] diff --git a/ql/lib/ext/apple-actions_import-codesign-certs.model.yml b/ql/lib/ext/apple-actions_import-codesign-certs.model.yml index 8daa9a9c2b3..46f667d75a0 100644 --- a/ql/lib/ext/apple-actions_import-codesign-certs.model.yml +++ b/ql/lib/ext/apple-actions_import-codesign-certs.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["apple-actions/import-codesign-certs", "*", "input.keychain-password", "output.keychain-password", "taint", "manual"] diff --git a/ql/lib/ext/asdf-vm_actions.model.yml b/ql/lib/ext/asdf-vm_actions.model.yml index 80502e487b8..4df6fe61a43 100644 --- a/ql/lib/ext/asdf-vm_actions.model.yml +++ b/ql/lib/ext/asdf-vm_actions.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["asdf-vm/actions", "*", "input.before_install", "command-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/ashley-taylor_read-json-property-action.model.yml b/ql/lib/ext/ashley-taylor_read-json-property-action.model.yml index 2a26d31feac..aab329160ea 100644 --- a/ql/lib/ext/ashley-taylor_read-json-property-action.model.yml +++ b/ql/lib/ext/ashley-taylor_read-json-property-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["ashley-taylor/read-json-property-action", "*", "input.json", "output.value", "taint", "manual"] diff --git a/ql/lib/ext/ashley-taylor_regex-property-action.model.yml b/ql/lib/ext/ashley-taylor_regex-property-action.model.yml index 82e81f55816..610d188f065 100644 --- a/ql/lib/ext/ashley-taylor_regex-property-action.model.yml +++ b/ql/lib/ext/ashley-taylor_regex-property-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["ashley-taylor/regex-property-action", "*", "input.replacement", "output.value", "taint", "manual"] - ["ashley-taylor/regex-property-action", "*", "input.value", "output.value", "taint", "manual"] diff --git a/ql/lib/ext/aszc_change-string-case-action.model.yml b/ql/lib/ext/aszc_change-string-case-action.model.yml index 58554eb3f61..b571bded8ca 100644 --- a/ql/lib/ext/aszc_change-string-case-action.model.yml +++ b/ql/lib/ext/aszc_change-string-case-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["aszc/change-string-case-action", "*", "input.string", "output.capitalized", "taint", "manual"] - ["aszc/change-string-case-action", "*", "input.replace-with", "output.uppercase", "taint", "manual"] diff --git a/ql/lib/ext/aws-actions_configure-aws-credentials.model.yml b/ql/lib/ext/aws-actions_configure-aws-credentials.model.yml index ca99210b4c2..cd8f4f73e49 100644 --- a/ql/lib/ext/aws-actions_configure-aws-credentials.model.yml +++ b/ql/lib/ext/aws-actions_configure-aws-credentials.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["aws-actions/configure-aws-credentials", "*", "input.aws-access-key-id", "env.AWS_ACCESS_KEY_ID", "taint", "manual"] - ["aws-actions/configure-aws-credentials", "*", "input.aws-access-key-id", "secret.AWS_ACCESS_KEY_ID", "taint", "manual"] diff --git a/ql/lib/ext/axel-op_googlejavaformat-action.model.yml b/ql/lib/ext/axel-op_googlejavaformat-action.model.yml index 1563d95b0b1..6ebc3875e07 100644 --- a/ql/lib/ext/axel-op_googlejavaformat-action.model.yml +++ b/ql/lib/ext/axel-op_googlejavaformat-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["axel-op/googlejavaformat-action", "*", "input.commitMessage", "command-injection", "manual"] - ["axel-op/googlejavaformat-action", "*", "input.commit-message", "command-injection", "manual"] diff --git a/ql/lib/ext/azure_powershell.model.yml b/ql/lib/ext/azure_powershell.model.yml index 2bb6000355d..2b2dbd014b7 100644 --- a/ql/lib/ext/azure_powershell.model.yml +++ b/ql/lib/ext/azure_powershell.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["azure/powershell", "*", "input.azPSVersion", "command-injection", "manual"] diff --git a/ql/lib/ext/bahmutov_npm-install.model.yml b/ql/lib/ext/bahmutov_npm-install.model.yml index b0c3419abe9..78b7eb1394c 100644 --- a/ql/lib/ext/bahmutov_npm-install.model.yml +++ b/ql/lib/ext/bahmutov_npm-install.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bahmutov/npm-install", "*", "input.install-command", "command-injection", "manual"] diff --git a/ql/lib/ext/blackducksoftware_github-action.model.yml b/ql/lib/ext/blackducksoftware_github-action.model.yml index cbe593690e4..0f146da2e0c 100644 --- a/ql/lib/ext/blackducksoftware_github-action.model.yml +++ b/ql/lib/ext/blackducksoftware_github-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["blackducksoftware/github-action", "*", "input.args", "command-injection", "manual"] - ["blackducksoftware/github-action", "*", "input.blackduck.url", "command-injection", "manual"] diff --git a/ql/lib/ext/bobheadxi_deployments.model.yml b/ql/lib/ext/bobheadxi_deployments.model.yml index f29355d4882..483a3bf5172 100644 --- a/ql/lib/ext/bobheadxi_deployments.model.yml +++ b/ql/lib/ext/bobheadxi_deployments.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["bobheadxi/deployments", "*", "input.env", "output.env", "taint", "manual"] diff --git a/ql/lib/ext/bufbuild_buf-breaking-action.model.yml b/ql/lib/ext/bufbuild_buf-breaking-action.model.yml index 8463ed9577b..e06e75f7a3b 100644 --- a/ql/lib/ext/bufbuild_buf-breaking-action.model.yml +++ b/ql/lib/ext/bufbuild_buf-breaking-action.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["bufbuild/buf-breaking-action", "*", "input.buf_token", "env.BUF_TOKEN", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bufbuild/buf-breaking-action", "*", "input.input", "command-injection", "manual"] - ["bufbuild/buf-breaking-action", "*", "input.against", "command-injection", "manual"] diff --git a/ql/lib/ext/bufbuild_buf-lint-action.model.yml b/ql/lib/ext/bufbuild_buf-lint-action.model.yml index f20a877c3d2..d0a88ff3167 100644 --- a/ql/lib/ext/bufbuild_buf-lint-action.model.yml +++ b/ql/lib/ext/bufbuild_buf-lint-action.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["bufbuild/buf-lint-action", "*", "input.buf_token", "env.BUF_TOKEN", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bufbuild/buf-lint-action", "*", "input.input", "command-injection", "manual"] diff --git a/ql/lib/ext/bufbuild_buf-setup-action.model.yml b/ql/lib/ext/bufbuild_buf-setup-action.model.yml index e0fe96ff915..a29f84a55b5 100644 --- a/ql/lib/ext/bufbuild_buf-setup-action.model.yml +++ b/ql/lib/ext/bufbuild_buf-setup-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bufbuild/buf-setup-action", "*", "input.buf_domain", "command-injection", "manual"] - ["bufbuild/buf-setup-action", "*", "input.buf_user", "command-injection", "manual"] diff --git a/ql/lib/ext/cachix_cachix-action.model.yml b/ql/lib/ext/cachix_cachix-action.model.yml index a7489b68688..0e11fe45b42 100644 --- a/ql/lib/ext/cachix_cachix-action.model.yml +++ b/ql/lib/ext/cachix_cachix-action.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["cachix/cachix-action", "*", "input.signingKey", "env.CACHIX_SIGNING_KEY", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cachix/cachix-action", "*", "input.installCommand", "command-injection", "manual"] - ["cachix/cachix-action", "*", "input.cachixBin", "command-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/changesets_action.model.yml b/ql/lib/ext/changesets_action.model.yml index c0a18c36465..7e0970034a5 100644 --- a/ql/lib/ext/changesets_action.model.yml +++ b/ql/lib/ext/changesets_action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["changesets/action", "*", "input.publish", "command-injection", "manual"] - ["changesets/action", "*", "input.version", "command-injection", "manual"] diff --git a/ql/lib/ext/cloudflare_wrangler-action.model.yml b/ql/lib/ext/cloudflare_wrangler-action.model.yml index 79ed7a80437..2f62f211da9 100644 --- a/ql/lib/ext/cloudflare_wrangler-action.model.yml +++ b/ql/lib/ext/cloudflare_wrangler-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cloudflare/wrangler-action", "*", "input.preCommands", "command-injection", "manual"] - ["cloudflare/wrangler-action", "*", "input.postCommands", "command-injection", "manual"] diff --git a/ql/lib/ext/coursier_cache-action.model.yml b/ql/lib/ext/coursier_cache-action.model.yml index 550b5b854ed..f94ad242321 100644 --- a/ql/lib/ext/coursier_cache-action.model.yml +++ b/ql/lib/ext/coursier_cache-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["coursier/cache-action", "*", "input.path", "env.COURSIER_CACHE", "taint", "manual"] diff --git a/ql/lib/ext/crazy-max_ghaction-chocolatey.model.yml b/ql/lib/ext/crazy-max_ghaction-chocolatey.model.yml index bbe88611259..5872399881c 100644 --- a/ql/lib/ext/crazy-max_ghaction-chocolatey.model.yml +++ b/ql/lib/ext/crazy-max_ghaction-chocolatey.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["crazy-max/ghaction-chocolatey", "*", "input.args", "command-injection", "manual"] diff --git a/ql/lib/ext/crazy-max_ghaction-import-gpg.model.yml b/ql/lib/ext/crazy-max_ghaction-import-gpg.model.yml index 83b3bc3520d..02c5dcd3cca 100644 --- a/ql/lib/ext/crazy-max_ghaction-import-gpg.model.yml +++ b/ql/lib/ext/crazy-max_ghaction-import-gpg.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["crazy-max/ghaction-import-gpg", "*", "input.fingerprint", "output.fingerprint", "taint", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/csexton_release-asset-action.model.yml b/ql/lib/ext/csexton_release-asset-action.model.yml index 3b0642fece4..45bf0c57355 100644 --- a/ql/lib/ext/csexton_release-asset-action.model.yml +++ b/ql/lib/ext/csexton_release-asset-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["csexton/release-asset-action", "*", "input.release-url", "output.url", "taint", "manual"] diff --git a/ql/lib/ext/cycjimmy_semantic-release-action.model.yml b/ql/lib/ext/cycjimmy_semantic-release-action.model.yml index db55d3c6f3a..4ac3492c41c 100644 --- a/ql/lib/ext/cycjimmy_semantic-release-action.model.yml +++ b/ql/lib/ext/cycjimmy_semantic-release-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cycjimmy/semantic-release-action", "*", "input.semantic_version", "command-injection", "manual"] - ["cycjimmy/semantic-release-action", "*", "input.extra_plugins", "command-injection", "manual"] diff --git a/ql/lib/ext/cypress-io_github-action.model.yml b/ql/lib/ext/cypress-io_github-action.model.yml index a4539923b35..a48da0cedfc 100644 --- a/ql/lib/ext/cypress-io_github-action.model.yml +++ b/ql/lib/ext/cypress-io_github-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["cypress-io/github-action", "*", "env.GH_BRANCH", "branch", "manual"] diff --git a/ql/lib/ext/dailydotdev_action-devcard.model.yml b/ql/lib/ext/dailydotdev_action-devcard.model.yml index 46226863687..6ca7aa86c06 100644 --- a/ql/lib/ext/dailydotdev_action-devcard.model.yml +++ b/ql/lib/ext/dailydotdev_action-devcard.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dailydotdev/action-devcard", "*", "input.commit_branch", "sql-injection", "manual"] - ["dailydotdev/action-devcard", "*", "input.commit_filename", "sql-injection", "manual"] diff --git a/ql/lib/ext/danielpalme_reportgenerator-github-action.model.yml b/ql/lib/ext/danielpalme_reportgenerator-github-action.model.yml index afe3e82ca1f..11f1f10980f 100644 --- a/ql/lib/ext/danielpalme_reportgenerator-github-action.model.yml +++ b/ql/lib/ext/danielpalme_reportgenerator-github-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["danielpalme/reportgenerator-github-action", "*", "input.toolpath", "command-injection", "manual"] diff --git a/ql/lib/ext/daspn_private-actions-checkout.model.yml b/ql/lib/ext/daspn_private-actions-checkout.model.yml index 5b0a9dab38d..9ed2cb7908b 100644 --- a/ql/lib/ext/daspn_private-actions-checkout.model.yml +++ b/ql/lib/ext/daspn_private-actions-checkout.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["daspn/private-actions-checkout", "*", "input.actions_list", "command-injection", "manual"] - ["daspn/private-actions-checkout", "*", "input.checkout_base_path", "command-injection", "manual"] diff --git a/ql/lib/ext/dawidd6_action-ansible-playbook.model.yml b/ql/lib/ext/dawidd6_action-ansible-playbook.model.yml index 35bbd72f0a4..7f279f37a45 100644 --- a/ql/lib/ext/dawidd6_action-ansible-playbook.model.yml +++ b/ql/lib/ext/dawidd6_action-ansible-playbook.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dawidd6/action-ansible-playbook", "*", "input.playbook", "command-injection", "manual"] - ["dawidd6/action-ansible-playbook", "*", "input.options", "command-injection", "manual"] diff --git a/ql/lib/ext/dawidd6_action-download-artifact.model.yml b/ql/lib/ext/dawidd6_action-download-artifact.model.yml index 472778d33b4..68f434f4797 100644 --- a/ql/lib/ext/dawidd6_action-download-artifact.model.yml +++ b/ql/lib/ext/dawidd6_action-download-artifact.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["dawidd6/action-download-artifact", "*", "output.artifacts", "artifact", "manual"] diff --git a/ql/lib/ext/delaguardo_setup-clojure.model.yml b/ql/lib/ext/delaguardo_setup-clojure.model.yml index 1647e560730..890a47c79fc 100644 --- a/ql/lib/ext/delaguardo_setup-clojure.model.yml +++ b/ql/lib/ext/delaguardo_setup-clojure.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["delaguardo/setup-clojure", "*", "input.boot", "env.BOOT_VERSION", "taint", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/determinatesystems_magic-nix-cache-action.model.yml b/ql/lib/ext/determinatesystems_magic-nix-cache-action.model.yml index bbdad8287dd..aff5c330316 100644 --- a/ql/lib/ext/determinatesystems_magic-nix-cache-action.model.yml +++ b/ql/lib/ext/determinatesystems_magic-nix-cache-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["determinatesystems/magic-nix-cache-action", "*", "input.source-url", "command-injection", "manual"] - ["determinatesystems/magic-nix-cache-action", "*", "input.source-tag", "command-injection", "manual"] diff --git a/ql/lib/ext/docker-practice_actions-setup-docker.model.yml b/ql/lib/ext/docker-practice_actions-setup-docker.model.yml index f3ac66006d9..8f5e22fa2d9 100644 --- a/ql/lib/ext/docker-practice_actions-setup-docker.model.yml +++ b/ql/lib/ext/docker-practice_actions-setup-docker.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["docker-practice/actions-setup-docker", "*", "input.docker_version", "command-injection", "manual"] - ["docker-practice/actions-setup-docker", "*", "input.docker_channel", "command-injection", "manual"] diff --git a/ql/lib/ext/docker_build-push-action.model.yml b/ql/lib/ext/docker_build-push-action.model.yml index 9189245e228..ff0131da99e 100644 --- a/ql/lib/ext/docker_build-push-action.model.yml +++ b/ql/lib/ext/docker_build-push-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["docker/build-push-action", "*", "input.context", "code-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/endbug_latest-tag.model.yml b/ql/lib/ext/endbug_latest-tag.model.yml index bd64fc37423..1d82fb8f836 100644 --- a/ql/lib/ext/endbug_latest-tag.model.yml +++ b/ql/lib/ext/endbug_latest-tag.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["endbug/latest-tag", "*", "input.ref", "command-injection", "manual"] - ["endbug/latest-tag", "*", "input.tag-name", "command-injection", "manual"] diff --git a/ql/lib/ext/expo_expo-github-action.model.yml b/ql/lib/ext/expo_expo-github-action.model.yml index 9a20279e110..1e4cc21dd13 100644 --- a/ql/lib/ext/expo_expo-github-action.model.yml +++ b/ql/lib/ext/expo_expo-github-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["expo/expo-github-action", "*", "input.command", "command-injection", "manual"] - ["expo/expo-github-action", "*", "input.packager", "command-injection", "manual"] diff --git a/ql/lib/ext/firebaseextended_action-hosting-deploy.model.yml b/ql/lib/ext/firebaseextended_action-hosting-deploy.model.yml index 8d06bc8a512..ba729868a04 100644 --- a/ql/lib/ext/firebaseextended_action-hosting-deploy.model.yml +++ b/ql/lib/ext/firebaseextended_action-hosting-deploy.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["firebaseextended/action-hosting-deploy", "*", "input.firebaseToolsVersion", "command-injection", "manual"] diff --git a/ql/lib/ext/frabert_replace-string-action.model.yml b/ql/lib/ext/frabert_replace-string-action.model.yml index 9d066ac23ec..504f0693977 100644 --- a/ql/lib/ext/frabert_replace-string-action.model.yml +++ b/ql/lib/ext/frabert_replace-string-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["frabert/replace-string-action", "*", "input.string", "output.replaced", "taint", "manual"] - ["frabert/replace-string-action", "*", "input.replace-with", "output.replaced", "taint", "manual"] diff --git a/ql/lib/ext/franzdiebold_github-env-vars-action.model.yml b/ql/lib/ext/franzdiebold_github-env-vars-action.model.yml index 71d83774231..48267b6d082 100644 --- a/ql/lib/ext/franzdiebold_github-env-vars-action.model.yml +++ b/ql/lib/ext/franzdiebold_github-env-vars-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["franzdiebold/github-env-vars-action", "*", "output.CI_PR_DESCRIPTION", "text", "manual"] - ["franzdiebold/github-env-vars-action", "*", "output.CI_PR_TITLE", "title", "manual"] diff --git a/ql/lib/ext/gabrielbb_xvfb-action.model.yml b/ql/lib/ext/gabrielbb_xvfb-action.model.yml index 563da9d4c0f..26eea1d2341 100644 --- a/ql/lib/ext/gabrielbb_xvfb-action.model.yml +++ b/ql/lib/ext/gabrielbb_xvfb-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gabrielbb/xvfb-action", "*", "input.run", "command-injection", "manual"] - ["gabrielbb/xvfb-action", "*", "input.options", "command-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/game-ci_unity-builder.model.yml b/ql/lib/ext/game-ci_unity-builder.model.yml index 5194ce500fb..7993d827fa6 100644 --- a/ql/lib/ext/game-ci_unity-builder.model.yml +++ b/ql/lib/ext/game-ci_unity-builder.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["game-ci/unity-builder", "*", "input.cacheKey", "command-injection", "manual"] - ["game-ci/unity-builder", "*", "input.unityHubVersionOnMac", "command-injection", "manual"] diff --git a/ql/lib/ext/game-ci_unity-test-runner.model.yml b/ql/lib/ext/game-ci_unity-test-runner.model.yml index 8c2f32627d9..de48ea5a709 100644 --- a/ql/lib/ext/game-ci_unity-test-runner.model.yml +++ b/ql/lib/ext/game-ci_unity-test-runner.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["game-ci/unity-test-runner", "*", "input.artifactsPath", "output.artifactsPath", "taint", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/gautamkrishnar_blog-post-workflow.model.yml b/ql/lib/ext/gautamkrishnar_blog-post-workflow.model.yml index f74ae81a52c..36a9b24f089 100644 --- a/ql/lib/ext/gautamkrishnar_blog-post-workflow.model.yml +++ b/ql/lib/ext/gautamkrishnar_blog-post-workflow.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gautamkrishnar/blog-post-workflow", "*", "input.item_exec", "code-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/actions_actions-runner-controller.model.yml b/ql/lib/ext/generated/composite-actions/actions_actions-runner-controller.model.yml index 877543ea8e4..f04f8dda6c8 100644 --- a/ql/lib/ext/generated/composite-actions/actions_actions-runner-controller.model.yml +++ b/ql/lib/ext/generated/composite-actions/actions_actions-runner-controller.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["actions/actions-runner-controller", "*", "input.image-tag", "code-injection", "generated"] - ["actions/actions-runner-controller", "*", "input.image-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/adap_flower.model.yml b/ql/lib/ext/generated/composite-actions/adap_flower.model.yml index 1c9d4a7f6d9..a37d6452d50 100644 --- a/ql/lib/ext/generated/composite-actions/adap_flower.model.yml +++ b/ql/lib/ext/generated/composite-actions/adap_flower.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["adap/flower", "*", "input.poetry-version", "code-injection", "generated"] - ["adap/flower", "*", "input.setuptools-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/agoric_agoric-sdk.model.yml b/ql/lib/ext/generated/composite-actions/agoric_agoric-sdk.model.yml index a9d65724735..352eb51996a 100644 --- a/ql/lib/ext/generated/composite-actions/agoric_agoric-sdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/agoric_agoric-sdk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["agoric/agoric-sdk", "*", "input.xsnap-random-init", "code-injection", "generated"] - ["agoric/agoric-sdk", "*", "input.path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/airbnb_lottie-ios.model.yml b/ql/lib/ext/generated/composite-actions/airbnb_lottie-ios.model.yml index d40014b9a12..44f34c11cb3 100644 --- a/ql/lib/ext/generated/composite-actions/airbnb_lottie-ios.model.yml +++ b/ql/lib/ext/generated/composite-actions/airbnb_lottie-ios.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["airbnb/lottie-ios", "*", "input.xcode", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/airbytehq_airbyte.model.yml b/ql/lib/ext/generated/composite-actions/airbytehq_airbyte.model.yml index 7452ddc2187..3fd2e46296a 100644 --- a/ql/lib/ext/generated/composite-actions/airbytehq_airbyte.model.yml +++ b/ql/lib/ext/generated/composite-actions/airbytehq_airbyte.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["airbytehq/airbyte", "*", "input.options", "code-injection", "generated"] - ["airbytehq/airbyte", "*", "input.subcommand", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/amazon-ion_ion-java.model.yml b/ql/lib/ext/generated/composite-actions/amazon-ion_ion-java.model.yml index a91d2c7b0e5..881374b6c90 100644 --- a/ql/lib/ext/generated/composite-actions/amazon-ion_ion-java.model.yml +++ b/ql/lib/ext/generated/composite-actions/amazon-ion_ion-java.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["amazon-ion/ion-java", "*", "input.project_version", "code-injection", "generated"] - ["amazon-ion/ion-java", "*", "input.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/anchore_grype.model.yml b/ql/lib/ext/generated/composite-actions/anchore_grype.model.yml index 95b5ba13ad1..6d77c866dc2 100644 --- a/ql/lib/ext/generated/composite-actions/anchore_grype.model.yml +++ b/ql/lib/ext/generated/composite-actions/anchore_grype.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["anchore/grype", "*", "input.bootstrap-apt-packages", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/anchore_syft.model.yml b/ql/lib/ext/generated/composite-actions/anchore_syft.model.yml index 7157e1bea48..0b27c584584 100644 --- a/ql/lib/ext/generated/composite-actions/anchore_syft.model.yml +++ b/ql/lib/ext/generated/composite-actions/anchore_syft.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["anchore/syft", "*", "input.bootstrap-apt-packages", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/angular_dev-infra.model.yml b/ql/lib/ext/generated/composite-actions/angular_dev-infra.model.yml index a3f43d524b4..911d3e57155 100644 --- a/ql/lib/ext/generated/composite-actions/angular_dev-infra.model.yml +++ b/ql/lib/ext/generated/composite-actions/angular_dev-infra.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["angular/dev-infra", "*", "input.firebase-public-dir", "code-injection", "generated"] - ["angular/dev-infra", "*", "input.workflow-artifact-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ansible_ansible-lint.model.yml b/ql/lib/ext/generated/composite-actions/ansible_ansible-lint.model.yml index 6e0d980943a..1ac668cf55a 100644 --- a/ql/lib/ext/generated/composite-actions/ansible_ansible-lint.model.yml +++ b/ql/lib/ext/generated/composite-actions/ansible_ansible-lint.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ansible/ansible-lint", "*", "input.args", "code-injection", "generated"] - ["ansible/ansible-lint", "*", "input.working_directory", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/ansible_awx.model.yml b/ql/lib/ext/generated/composite-actions/ansible_awx.model.yml index ef682ff4fff..5cf121dcef2 100644 --- a/ql/lib/ext/generated/composite-actions/ansible_awx.model.yml +++ b/ql/lib/ext/generated/composite-actions/ansible_awx.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ansible/awx", "*", "input.log-filename", "code-injection", "generated"] - ["ansible/awx", "*", "input.github-token", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_arrow-datafusion.model.yml b/ql/lib/ext/generated/composite-actions/apache_arrow-datafusion.model.yml index 7ce84599d17..d946204e9b9 100644 --- a/ql/lib/ext/generated/composite-actions/apache_arrow-datafusion.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_arrow-datafusion.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/arrow-datafusion", "*", "input.rust-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_arrow-rs.model.yml b/ql/lib/ext/generated/composite-actions/apache_arrow-rs.model.yml index 47f1c83016f..c6839a7b004 100644 --- a/ql/lib/ext/generated/composite-actions/apache_arrow-rs.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_arrow-rs.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/arrow-rs", "*", "input.target", "code-injection", "generated"] - ["apache/arrow-rs", "*", "input.rust-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_arrow.model.yml b/ql/lib/ext/generated/composite-actions/apache_arrow.model.yml index 54353368db2..9e708bbcc89 100644 --- a/ql/lib/ext/generated/composite-actions/apache_arrow.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_arrow.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/arrow", "*", "input.upload", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_bookkeeper.model.yml b/ql/lib/ext/generated/composite-actions/apache_bookkeeper.model.yml index 119115c1560..cfb67540b17 100644 --- a/ql/lib/ext/generated/composite-actions/apache_bookkeeper.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_bookkeeper.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/bookkeeper", "*", "input.mode", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_brpc.model.yml b/ql/lib/ext/generated/composite-actions/apache_brpc.model.yml index 762623ed27e..7186433e6d2 100644 --- a/ql/lib/ext/generated/composite-actions/apache_brpc.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_brpc.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/brpc", "*", "input.options", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_camel-k.model.yml b/ql/lib/ext/generated/composite-actions/apache_camel-k.model.yml index 2272d7ff8e6..d39aafe162f 100644 --- a/ql/lib/ext/generated/composite-actions/apache_camel-k.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_camel-k.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/camel-k", "*", "input.test-suite", "code-injection", "generated"] - ["apache/camel-k", "*", "input.image-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_camel.model.yml b/ql/lib/ext/generated/composite-actions/apache_camel.model.yml index 3537169892a..a3b53b3ec96 100644 --- a/ql/lib/ext/generated/composite-actions/apache_camel.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_camel.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/camel", "*", "input.end-commit", "code-injection", "generated"] - ["apache/camel", "*", "input.start-commit", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_flink.model.yml b/ql/lib/ext/generated/composite-actions/apache_flink.model.yml index dfac696dddf..2a35d22a10e 100644 --- a/ql/lib/ext/generated/composite-actions/apache_flink.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_flink.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/flink", "*", "input.maven-parameters", "code-injection", "generated"] - ["apache/flink", "*", "input.env", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_incubator-kie-tools.model.yml b/ql/lib/ext/generated/composite-actions/apache_incubator-kie-tools.model.yml index 2e28ad9e900..156d244ece2 100644 --- a/ql/lib/ext/generated/composite-actions/apache_incubator-kie-tools.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_incubator-kie-tools.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["apache/incubator-kie-tools", "*", "input.pnpm_filter_string", "output.pnpm_filter_string", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/apache_nuttx.model.yml b/ql/lib/ext/generated/composite-actions/apache_nuttx.model.yml index 5c82922c35e..fcda4b3dfec 100644 --- a/ql/lib/ext/generated/composite-actions/apache_nuttx.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_nuttx.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/nuttx", "*", "input.haskell", "code-injection", "generated"] - ["apache/nuttx", "*", "input.dotnet", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_opendal.model.yml b/ql/lib/ext/generated/composite-actions/apache_opendal.model.yml index d618f7b761f..84877f57d8c 100644 --- a/ql/lib/ext/generated/composite-actions/apache_opendal.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_opendal.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/opendal", "*", "input.feature", "code-injection", "generated"] - ["apache/opendal", "*", "input.setup", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_pekko.model.yml b/ql/lib/ext/generated/composite-actions/apache_pekko.model.yml index c49315d791a..dcb93d013a0 100644 --- a/ql/lib/ext/generated/composite-actions/apache_pekko.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_pekko.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/pekko", "*", "input.upload", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/apache_pulsar-helm-chart.model.yml b/ql/lib/ext/generated/composite-actions/apache_pulsar-helm-chart.model.yml index f58fcf336fc..4776bb79067 100644 --- a/ql/lib/ext/generated/composite-actions/apache_pulsar-helm-chart.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_pulsar-helm-chart.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/pulsar-helm-chart", "*", "input.limit-access-to-users", "code-injection", "generated"] - ["apache/pulsar-helm-chart", "*", "input.limit-access-to-actor", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/apache_superset.model.yml b/ql/lib/ext/generated/composite-actions/apache_superset.model.yml index 4812eaa5b4a..2540e6a76ca 100644 --- a/ql/lib/ext/generated/composite-actions/apache_superset.model.yml +++ b/ql/lib/ext/generated/composite-actions/apache_superset.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/superset", "*", "input.requirements-type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/appflowy-io_appflowy.model.yml b/ql/lib/ext/generated/composite-actions/appflowy-io_appflowy.model.yml index de8c3e1b725..525064de6a9 100644 --- a/ql/lib/ext/generated/composite-actions/appflowy-io_appflowy.model.yml +++ b/ql/lib/ext/generated/composite-actions/appflowy-io_appflowy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["appflowy-io/appflowy", "*", "input.test_path", "code-injection", "generated"] - ["appflowy-io/appflowy", "*", "input.flutter_profile", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/aptos-labs_aptos-core.model.yml b/ql/lib/ext/generated/composite-actions/aptos-labs_aptos-core.model.yml index dee268884a1..b46d5a3ee6a 100644 --- a/ql/lib/ext/generated/composite-actions/aptos-labs_aptos-core.model.yml +++ b/ql/lib/ext/generated/composite-actions/aptos-labs_aptos-core.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aptos-labs/aptos-core", "*", "input.GIT_CREDENTIALS", "code-injection", "generated"] - ["aptos-labs/aptos-core", "*", "input.GCP_DOCKER_ARTIFACT_REPO", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/archivesspace_archivesspace.model.yml b/ql/lib/ext/generated/composite-actions/archivesspace_archivesspace.model.yml index 5e0e5158390..631457c813e 100644 --- a/ql/lib/ext/generated/composite-actions/archivesspace_archivesspace.model.yml +++ b/ql/lib/ext/generated/composite-actions/archivesspace_archivesspace.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["archivesspace/archivesspace", "*", "input.mysql-connector-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/armadaproject_armada.model.yml b/ql/lib/ext/generated/composite-actions/armadaproject_armada.model.yml index bb4b41a0592..44d9eb10a0d 100644 --- a/ql/lib/ext/generated/composite-actions/armadaproject_armada.model.yml +++ b/ql/lib/ext/generated/composite-actions/armadaproject_armada.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["armadaproject/armada", "*", "input.tox-env", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/armbian_build.model.yml b/ql/lib/ext/generated/composite-actions/armbian_build.model.yml index ef3a84762db..0d7f80698f5 100644 --- a/ql/lib/ext/generated/composite-actions/armbian_build.model.yml +++ b/ql/lib/ext/generated/composite-actions/armbian_build.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["armbian/build", "*", "input.armbian_pgp_password", "code-injection", "generated"] - ["armbian/build", "*", "input.armbian_extensions", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/auth0_auth0-java.model.yml b/ql/lib/ext/generated/composite-actions/auth0_auth0-java.model.yml index 425242bf220..84caa043484 100644 --- a/ql/lib/ext/generated/composite-actions/auth0_auth0-java.model.yml +++ b/ql/lib/ext/generated/composite-actions/auth0_auth0-java.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["auth0/auth0-java", "*", "input.signing-password", "code-injection", "generated"] - ["auth0/auth0-java", "*", "input.signing-key", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/auth0_auth0.net.model.yml b/ql/lib/ext/generated/composite-actions/auth0_auth0.net.model.yml index 62f1ed005ed..f6aed253a21 100644 --- a/ql/lib/ext/generated/composite-actions/auth0_auth0.net.model.yml +++ b/ql/lib/ext/generated/composite-actions/auth0_auth0.net.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["auth0/auth0.net", "*", "input.nuget-token", "code-injection", "generated"] - ["auth0/auth0.net", "*", "input.nuget-directory", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/auth0_auth0.swift.model.yml b/ql/lib/ext/generated/composite-actions/auth0_auth0.swift.model.yml index 098b460bbd8..1eac49617f2 100644 --- a/ql/lib/ext/generated/composite-actions/auth0_auth0.swift.model.yml +++ b/ql/lib/ext/generated/composite-actions/auth0_auth0.swift.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["auth0/auth0.swift", "*", "input.platform", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/autogluon_autogluon.model.yml b/ql/lib/ext/generated/composite-actions/autogluon_autogluon.model.yml index d5a257be220..1efa6815c28 100644 --- a/ql/lib/ext/generated/composite-actions/autogluon_autogluon.model.yml +++ b/ql/lib/ext/generated/composite-actions/autogluon_autogluon.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["autogluon/autogluon", "*", "input.submodule-to-test", "code-injection", "generated"] - ["autogluon/autogluon", "*", "input.command", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/avaiga_taipy.model.yml b/ql/lib/ext/generated/composite-actions/avaiga_taipy.model.yml index 53c6258551f..91463a305dd 100644 --- a/ql/lib/ext/generated/composite-actions/avaiga_taipy.model.yml +++ b/ql/lib/ext/generated/composite-actions/avaiga_taipy.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["avaiga/taipy", "*", "input.python-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/aws-amplify_amplify-cli.model.yml b/ql/lib/ext/generated/composite-actions/aws-amplify_amplify-cli.model.yml index 62a4f2bbcd7..7ef240ad999 100644 --- a/ql/lib/ext/generated/composite-actions/aws-amplify_amplify-cli.model.yml +++ b/ql/lib/ext/generated/composite-actions/aws-amplify_amplify-cli.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aws-amplify/amplify-cli", "*", "input.cli-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/aws-powertools_powertools-lambda-python.model.yml b/ql/lib/ext/generated/composite-actions/aws-powertools_powertools-lambda-python.model.yml index 6dffbff40d3..db953acf5bc 100644 --- a/ql/lib/ext/generated/composite-actions/aws-powertools_powertools-lambda-python.model.yml +++ b/ql/lib/ext/generated/composite-actions/aws-powertools_powertools-lambda-python.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["aws-powertools/powertools-lambda-python", "*", "input.artifact_name_prefix", "output.artifact_name", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/aws_amazon-vpc-cni-k8s.model.yml b/ql/lib/ext/generated/composite-actions/aws_amazon-vpc-cni-k8s.model.yml index ac72bb9ebf0..7c1b01e14b5 100644 --- a/ql/lib/ext/generated/composite-actions/aws_amazon-vpc-cni-k8s.model.yml +++ b/ql/lib/ext/generated/composite-actions/aws_amazon-vpc-cni-k8s.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aws/amazon-vpc-cni-k8s", "*", "input.go-package", "code-injection", "generated"] - ["aws/amazon-vpc-cni-k8s", "*", "input.work-dir", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/aws_karpenter-provider-aws.model.yml b/ql/lib/ext/generated/composite-actions/aws_karpenter-provider-aws.model.yml index b3f1ca67eef..37b67a933a3 100644 --- a/ql/lib/ext/generated/composite-actions/aws_karpenter-provider-aws.model.yml +++ b/ql/lib/ext/generated/composite-actions/aws_karpenter-provider-aws.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aws/karpenter-provider-aws", "*", "input.account_id", "code-injection", "generated"] - ["aws/karpenter-provider-aws", "*", "input.cluster_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/awslabs_amazon-eks-ami.model.yml b/ql/lib/ext/generated/composite-actions/awslabs_amazon-eks-ami.model.yml index 44f5ad66096..570a9bdd142 100644 --- a/ql/lib/ext/generated/composite-actions/awslabs_amazon-eks-ami.model.yml +++ b/ql/lib/ext/generated/composite-actions/awslabs_amazon-eks-ami.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["awslabs/amazon-eks-ami", "*", "input.max_resource_age_duration", "code-injection", "generated"] - ["awslabs/amazon-eks-ami", "*", "input.aws_region", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/awslabs_aws-lambda-rust-runtime.model.yml b/ql/lib/ext/generated/composite-actions/awslabs_aws-lambda-rust-runtime.model.yml index c2e56f7e175..8c1993c47ca 100644 --- a/ql/lib/ext/generated/composite-actions/awslabs_aws-lambda-rust-runtime.model.yml +++ b/ql/lib/ext/generated/composite-actions/awslabs_aws-lambda-rust-runtime.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["awslabs/aws-lambda-rust-runtime", "*", "input.package", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/azerothcore_azerothcore-wotlk.model.yml b/ql/lib/ext/generated/composite-actions/azerothcore_azerothcore-wotlk.model.yml index 54d0c8b2fe0..ee0adaadb3e 100644 --- a/ql/lib/ext/generated/composite-actions/azerothcore_azerothcore-wotlk.model.yml +++ b/ql/lib/ext/generated/composite-actions/azerothcore_azerothcore-wotlk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["azerothcore/azerothcore-wotlk", "*", "input.CXX", "code-injection", "generated"] - ["azerothcore/azerothcore-wotlk", "*", "input.CC", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/azure_azure-datafactory.model.yml b/ql/lib/ext/generated/composite-actions/azure_azure-datafactory.model.yml index b1914e7a96b..c127f03bb66 100644 --- a/ql/lib/ext/generated/composite-actions/azure_azure-datafactory.model.yml +++ b/ql/lib/ext/generated/composite-actions/azure_azure-datafactory.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["azure/azure-datafactory", "*", "input.directory", "code-injection", "generated"] - ["azure/azure-datafactory", "*", "input.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/badges_shields.model.yml b/ql/lib/ext/generated/composite-actions/badges_shields.model.yml index dd66f206ee9..3b3d60fadd0 100644 --- a/ql/lib/ext/generated/composite-actions/badges_shields.model.yml +++ b/ql/lib/ext/generated/composite-actions/badges_shields.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["badges/shields", "*", "input.npm-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/balena-io_etcher.model.yml b/ql/lib/ext/generated/composite-actions/balena-io_etcher.model.yml index 0c26f02e6d8..4dd43acd2c5 100644 --- a/ql/lib/ext/generated/composite-actions/balena-io_etcher.model.yml +++ b/ql/lib/ext/generated/composite-actions/balena-io_etcher.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["balena-io/etcher", "*", "input.VERBOSE", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/balena-os_balena-engine.model.yml b/ql/lib/ext/generated/composite-actions/balena-os_balena-engine.model.yml index 2ee13115d6d..cb4bff25f9a 100644 --- a/ql/lib/ext/generated/composite-actions/balena-os_balena-engine.model.yml +++ b/ql/lib/ext/generated/composite-actions/balena-os_balena-engine.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["balena-os/balena-engine", "*", "input.VERBOSE", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/ben-manes_caffeine.model.yml b/ql/lib/ext/generated/composite-actions/ben-manes_caffeine.model.yml index c76ed5b6604..39a204389b9 100644 --- a/ql/lib/ext/generated/composite-actions/ben-manes_caffeine.model.yml +++ b/ql/lib/ext/generated/composite-actions/ben-manes_caffeine.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ben-manes/caffeine", "*", "input.attempt-delay", "code-injection", "generated"] - ["ben-manes/caffeine", "*", "input.attempt-limit", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/bokeh_bokeh.model.yml b/ql/lib/ext/generated/composite-actions/bokeh_bokeh.model.yml index 0bdf2087b46..6b4192c0c61 100644 --- a/ql/lib/ext/generated/composite-actions/bokeh_bokeh.model.yml +++ b/ql/lib/ext/generated/composite-actions/bokeh_bokeh.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bokeh/bokeh", "*", "input.test-env", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/botpress_botpress.model.yml b/ql/lib/ext/generated/composite-actions/botpress_botpress.model.yml index bb83a5964e7..63c3fc89058 100644 --- a/ql/lib/ext/generated/composite-actions/botpress_botpress.model.yml +++ b/ql/lib/ext/generated/composite-actions/botpress_botpress.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["botpress/botpress", "*", "input.tilt_cmd", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/braintree_braintree-android-drop-in.model.yml b/ql/lib/ext/generated/composite-actions/braintree_braintree-android-drop-in.model.yml index f29c52b1bf5..72772ae47cf 100644 --- a/ql/lib/ext/generated/composite-actions/braintree_braintree-android-drop-in.model.yml +++ b/ql/lib/ext/generated/composite-actions/braintree_braintree-android-drop-in.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["braintree/braintree-android-drop-in", "*", "input.version", "code-injection", "generated"] - ["braintree/braintree-android-drop-in", "*", "input.signing_file_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/braintree_braintree_android.model.yml b/ql/lib/ext/generated/composite-actions/braintree_braintree_android.model.yml index 43745006f8d..43cc1e0187e 100644 --- a/ql/lib/ext/generated/composite-actions/braintree_braintree_android.model.yml +++ b/ql/lib/ext/generated/composite-actions/braintree_braintree_android.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["braintree/braintree/android", "*", "input.version", "code-injection", "generated"] - ["braintree/braintree/android", "*", "input.module", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/broadinstitute_gatk.model.yml b/ql/lib/ext/generated/composite-actions/broadinstitute_gatk.model.yml index 9289afb744f..7c80b7e6eda 100644 --- a/ql/lib/ext/generated/composite-actions/broadinstitute_gatk.model.yml +++ b/ql/lib/ext/generated/composite-actions/broadinstitute_gatk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["broadinstitute/gatk", "*", "input.identifier", "code-injection", "generated"] - ["broadinstitute/gatk", "*", "input.repo-path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/canonical_multipass.model.yml b/ql/lib/ext/generated/composite-actions/canonical_multipass.model.yml index 9729f966813..1f7b69e6254 100644 --- a/ql/lib/ext/generated/composite-actions/canonical_multipass.model.yml +++ b/ql/lib/ext/generated/composite-actions/canonical_multipass.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["canonical/multipass", "*", "input.release-tag-re", "code-injection", "generated"] - ["canonical/multipass", "*", "input.release-branch-re", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/chia-network_actions.model.yml b/ql/lib/ext/generated/composite-actions/chia-network_actions.model.yml index 92c25953944..7879a7903b4 100644 --- a/ql/lib/ext/generated/composite-actions/chia-network_actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/chia-network_actions.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chia-network/actions", "*", "input.keypair_path", "code-injection", "generated"] - ["chia-network/actions", "*", "input.role_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/chia-network_chia-blockchain.model.yml b/ql/lib/ext/generated/composite-actions/chia-network_chia-blockchain.model.yml index c572c11ada4..dbbd4c720ca 100644 --- a/ql/lib/ext/generated/composite-actions/chia-network_chia-blockchain.model.yml +++ b/ql/lib/ext/generated/composite-actions/chia-network_chia-blockchain.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chia-network/chia-blockchain", "*", "input.command-prefix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/chipsalliance_chisel.model.yml b/ql/lib/ext/generated/composite-actions/chipsalliance_chisel.model.yml index 1819f4f716e..f99698b1992 100644 --- a/ql/lib/ext/generated/composite-actions/chipsalliance_chisel.model.yml +++ b/ql/lib/ext/generated/composite-actions/chipsalliance_chisel.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chipsalliance/chisel", "*", "input.version", "code-injection", "generated"] - ["chipsalliance/chisel", "*", "input.file-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/chocobozzz_peertube.model.yml b/ql/lib/ext/generated/composite-actions/chocobozzz_peertube.model.yml index 620100dd2d9..a98a135d6b4 100644 --- a/ql/lib/ext/generated/composite-actions/chocobozzz_peertube.model.yml +++ b/ql/lib/ext/generated/composite-actions/chocobozzz_peertube.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chocobozzz/peertube", "*", "input.deployKey", "code-injection", "generated"] - ["chocobozzz/peertube", "*", "input.knownHosts", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/cilium_cilium-cli.model.yml b/ql/lib/ext/generated/composite-actions/cilium_cilium-cli.model.yml index dfb08d26058..3ebb5e7acb3 100644 --- a/ql/lib/ext/generated/composite-actions/cilium_cilium-cli.model.yml +++ b/ql/lib/ext/generated/composite-actions/cilium_cilium-cli.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cilium/cilium-cli", "*", "input.binary-name", "code-injection", "generated"] - ["cilium/cilium-cli", "*", "input.binary-dir", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/cilium_cilium.model.yml b/ql/lib/ext/generated/composite-actions/cilium_cilium.model.yml index a99ccc9e477..b26aa6ea48b 100644 --- a/ql/lib/ext/generated/composite-actions/cilium_cilium.model.yml +++ b/ql/lib/ext/generated/composite-actions/cilium_cilium.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cilium/cilium", "*", "input.job-name", "code-injection", "generated"] - ["cilium/cilium", "*", "input.lb-acceleration", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/citusdata_citus.model.yml b/ql/lib/ext/generated/composite-actions/citusdata_citus.model.yml index 3a1e7b9d336..683965e13d2 100644 --- a/ql/lib/ext/generated/composite-actions/citusdata_citus.model.yml +++ b/ql/lib/ext/generated/composite-actions/citusdata_citus.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["citusdata/citus", "*", "input.flags", "code-injection", "generated"] - ["citusdata/citus", "*", "input.pg_major", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/clerk_javascript.model.yml b/ql/lib/ext/generated/composite-actions/clerk_javascript.model.yml index c15c1fac006..9358c895f3c 100644 --- a/ql/lib/ext/generated/composite-actions/clerk_javascript.model.yml +++ b/ql/lib/ext/generated/composite-actions/clerk_javascript.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["clerk/javascript", "*", "input.auth-email", "code-injection", "generated"] - ["clerk/javascript", "*", "input.auth-password", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/cloud-custodian_cloud-custodian.model.yml b/ql/lib/ext/generated/composite-actions/cloud-custodian_cloud-custodian.model.yml index b0c787fa378..8233e506603 100644 --- a/ql/lib/ext/generated/composite-actions/cloud-custodian_cloud-custodian.model.yml +++ b/ql/lib/ext/generated/composite-actions/cloud-custodian_cloud-custodian.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cloud-custodian/cloud-custodian", "*", "input.poetry-version", "code-injection", "generated"] - ["cloud-custodian/cloud-custodian", "*", "input.bucket-url", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/cloudflare_workers-sdk.model.yml b/ql/lib/ext/generated/composite-actions/cloudflare_workers-sdk.model.yml index 86278889fdf..2aea730db7e 100644 --- a/ql/lib/ext/generated/composite-actions/cloudflare_workers-sdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/cloudflare_workers-sdk.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cloudflare/workers-sdk", "*", "input.package-manager", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/cloudfoundry_cloud_controller_ng.model.yml b/ql/lib/ext/generated/composite-actions/cloudfoundry_cloud_controller_ng.model.yml index 4bf92a25123..b03d2391882 100644 --- a/ql/lib/ext/generated/composite-actions/cloudfoundry_cloud_controller_ng.model.yml +++ b/ql/lib/ext/generated/composite-actions/cloudfoundry_cloud_controller_ng.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cloudfoundry/cloud_controller/ng", "*", "input.BOSH_CLI_VERSION", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/coder_coder.model.yml b/ql/lib/ext/generated/composite-actions/coder_coder.model.yml index 79c13504fab..9db70f02db4 100644 --- a/ql/lib/ext/generated/composite-actions/coder_coder.model.yml +++ b/ql/lib/ext/generated/composite-actions/coder_coder.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["coder/coder", "*", "input.api-key", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/coil-kt_coil.model.yml b/ql/lib/ext/generated/composite-actions/coil-kt_coil.model.yml index 45ac61c8ef9..8cea15ac9e1 100644 --- a/ql/lib/ext/generated/composite-actions/coil-kt_coil.model.yml +++ b/ql/lib/ext/generated/composite-actions/coil-kt_coil.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["coil-kt/coil", "*", "input.api-level", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/commaai_openpilot.model.yml b/ql/lib/ext/generated/composite-actions/commaai_openpilot.model.yml index ce546fceb4b..766ec515551 100644 --- a/ql/lib/ext/generated/composite-actions/commaai_openpilot.model.yml +++ b/ql/lib/ext/generated/composite-actions/commaai_openpilot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["commaai/openpilot", "*", "input.sleep_time", "code-injection", "generated"] - ["commaai/openpilot", "*", "input.docker_hub_pat", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/conan-io_conan-center-index.model.yml b/ql/lib/ext/generated/composite-actions/conan-io_conan-center-index.model.yml index b34c6d46da3..13ee2f4e7a8 100644 --- a/ql/lib/ext/generated/composite-actions/conan-io_conan-center-index.model.yml +++ b/ql/lib/ext/generated/composite-actions/conan-io_conan-center-index.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["conan-io/conan-center-index", "*", "input.files", "code-injection", "generated"] - ["conan-io/conan-center-index", "*", "input.reviewers", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/corretto_corretto-8.model.yml b/ql/lib/ext/generated/composite-actions/corretto_corretto-8.model.yml index f87e0c02529..0cf05c2273b 100644 --- a/ql/lib/ext/generated/composite-actions/corretto_corretto-8.model.yml +++ b/ql/lib/ext/generated/composite-actions/corretto_corretto-8.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["corretto/corretto-8", "*", "input.version-branch", "code-injection", "generated"] - ["corretto/corretto-8", "*", "input.upstream", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/cosmos_cosmos-sdk.model.yml b/ql/lib/ext/generated/composite-actions/cosmos_cosmos-sdk.model.yml index 88348f05cd0..7f2622feecd 100644 --- a/ql/lib/ext/generated/composite-actions/cosmos_cosmos-sdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/cosmos_cosmos-sdk.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cosmos/cosmos-sdk", "*", "input.github_token", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/coturn_coturn.model.yml b/ql/lib/ext/generated/composite-actions/coturn_coturn.model.yml index 76fe3bed472..3aa8c3bc649 100644 --- a/ql/lib/ext/generated/composite-actions/coturn_coturn.model.yml +++ b/ql/lib/ext/generated/composite-actions/coturn_coturn.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["coturn/coturn", "*", "input.SUDO", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/crunchydata_postgres-operator.model.yml b/ql/lib/ext/generated/composite-actions/crunchydata_postgres-operator.model.yml index bf1a498d7a0..b79317db9c8 100644 --- a/ql/lib/ext/generated/composite-actions/crunchydata_postgres-operator.model.yml +++ b/ql/lib/ext/generated/composite-actions/crunchydata_postgres-operator.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["crunchydata/postgres-operator", "*", "input.k3s-channel", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/cvc5_cvc5.model.yml b/ql/lib/ext/generated/composite-actions/cvc5_cvc5.model.yml index b985d87f7e1..843e0d20b98 100644 --- a/ql/lib/ext/generated/composite-actions/cvc5_cvc5.model.yml +++ b/ql/lib/ext/generated/composite-actions/cvc5_cvc5.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cvc5/cvc5", "*", "input.build-dir", "code-injection", "generated"] - ["cvc5/cvc5", "*", "input.macos-target", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/d2l-ai_d2l-en.model.yml b/ql/lib/ext/generated/composite-actions/d2l-ai_d2l-en.model.yml index 8e7cdd0308c..2a0fd3ac371 100644 --- a/ql/lib/ext/generated/composite-actions/d2l-ai_d2l-en.model.yml +++ b/ql/lib/ext/generated/composite-actions/d2l-ai_d2l-en.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["d2l-ai/d2l-en", "*", "input.command", "code-injection", "generated"] - ["d2l-ai/d2l-en", "*", "input.work-dir", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/danysk_build-check-deploy-gradle-action.model.yml b/ql/lib/ext/generated/composite-actions/danysk_build-check-deploy-gradle-action.model.yml index cf30d0d19cc..3ef29cc9b84 100644 --- a/ql/lib/ext/generated/composite-actions/danysk_build-check-deploy-gradle-action.model.yml +++ b/ql/lib/ext/generated/composite-actions/danysk_build-check-deploy-gradle-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["danysk/build-check-deploy-gradle-action", "*", "input.clean-command", "code-injection", "generated"] - ["danysk/build-check-deploy-gradle-action", "*", "input.deploy-command", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-dotnet.model.yml b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-dotnet.model.yml index 5414a755179..71d2012eb02 100644 --- a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-dotnet.model.yml +++ b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-dotnet.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datadog/dd-trace-dotnet", "*", "input.command", "code-injection", "generated"] - ["datadog/dd-trace-dotnet", "*", "input.baseImage", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-go.model.yml b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-go.model.yml index 97a3bfa026e..a67aeb90595 100644 --- a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-go.model.yml +++ b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-go.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datadog/dd-trace-go", "*", "input.files", "code-injection", "generated"] - ["datadog/dd-trace-go", "*", "input.tags", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-js.model.yml b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-js.model.yml index 81672e85557..1f5dd108f91 100644 --- a/ql/lib/ext/generated/composite-actions/datadog_dd-trace-js.model.yml +++ b/ql/lib/ext/generated/composite-actions/datadog_dd-trace-js.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datadog/dd-trace-js", "*", "input.container-id", "code-injection", "generated"] - ["datadog/dd-trace-js", "*", "input.init-image-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/datafuselabs_databend.model.yml b/ql/lib/ext/generated/composite-actions/datafuselabs_databend.model.yml index b4fdfaf273d..ea4a2a2a3c7 100644 --- a/ql/lib/ext/generated/composite-actions/datafuselabs_databend.model.yml +++ b/ql/lib/ext/generated/composite-actions/datafuselabs_databend.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datafuselabs/databend", "*", "input.dataset", "code-injection", "generated"] - ["datafuselabs/databend", "*", "input.dirs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/davatorium_rofi.model.yml b/ql/lib/ext/generated/composite-actions/davatorium_rofi.model.yml index 6f1043073d8..29973ccdbd7 100644 --- a/ql/lib/ext/generated/composite-actions/davatorium_rofi.model.yml +++ b/ql/lib/ext/generated/composite-actions/davatorium_rofi.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["davatorium/rofi", "*", "input.logfile", "code-injection", "generated"] - ["davatorium/rofi", "*", "input.windowmode", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/debezium_debezium.model.yml b/ql/lib/ext/generated/composite-actions/debezium_debezium.model.yml index f9244c44858..2db70ffea66 100644 --- a/ql/lib/ext/generated/composite-actions/debezium_debezium.model.yml +++ b/ql/lib/ext/generated/composite-actions/debezium_debezium.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["debezium/debezium", "*", "input.path-core", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/defenseunicorns_zarf.model.yml b/ql/lib/ext/generated/composite-actions/defenseunicorns_zarf.model.yml index 36332c5678d..8a4273e8caf 100644 --- a/ql/lib/ext/generated/composite-actions/defenseunicorns_zarf.model.yml +++ b/ql/lib/ext/generated/composite-actions/defenseunicorns_zarf.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["defenseunicorns/zarf", "*", "input.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/demarches-simplifiees_demarches-simplifiees.fr.model.yml b/ql/lib/ext/generated/composite-actions/demarches-simplifiees_demarches-simplifiees.fr.model.yml index c246e5de06f..de09b35f1d4 100644 --- a/ql/lib/ext/generated/composite-actions/demarches-simplifiees_demarches-simplifiees.fr.model.yml +++ b/ql/lib/ext/generated/composite-actions/demarches-simplifiees_demarches-simplifiees.fr.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["demarches-simplifiees/demarches-simplifiees.fr", "*", "input.results_path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/department-of-veterans-affairs_vets-website.model.yml b/ql/lib/ext/generated/composite-actions/department-of-veterans-affairs_vets-website.model.yml index 13c0093fe4a..91e6268e614 100644 --- a/ql/lib/ext/generated/composite-actions/department-of-veterans-affairs_vets-website.model.yml +++ b/ql/lib/ext/generated/composite-actions/department-of-veterans-affairs_vets-website.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["department-of-veterans-affairs/vets-website", "*", "input.delimiter", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/devexpress_devextreme.model.yml b/ql/lib/ext/generated/composite-actions/devexpress_devextreme.model.yml index 49b226de1e8..777212d9a0a 100644 --- a/ql/lib/ext/generated/composite-actions/devexpress_devextreme.model.yml +++ b/ql/lib/ext/generated/composite-actions/devexpress_devextreme.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["devexpress/devextreme", "*", "input.name", "code-injection", "generated"] - ["devexpress/devextreme", "*", "input.result", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/diggerhq_digger.model.yml b/ql/lib/ext/generated/composite-actions/diggerhq_digger.model.yml index 9a6e0b88ba2..8cc0ab83a42 100644 --- a/ql/lib/ext/generated/composite-actions/diggerhq_digger.model.yml +++ b/ql/lib/ext/generated/composite-actions/diggerhq_digger.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["diggerhq/digger", "*", "input.checkov-version", "code-injection", "generated"] - ["diggerhq/digger", "*", "input.google-auth-credentials", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/diku-dk_futhark.model.yml b/ql/lib/ext/generated/composite-actions/diku-dk_futhark.model.yml index 4f88855a561..f1244bdd5de 100644 --- a/ql/lib/ext/generated/composite-actions/diku-dk_futhark.model.yml +++ b/ql/lib/ext/generated/composite-actions/diku-dk_futhark.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["diku-dk/futhark", "*", "input.script", "code-injection", "generated"] - ["diku-dk/futhark", "*", "input.slurm-options", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/discourse_.github.model.yml b/ql/lib/ext/generated/composite-actions/discourse_.github.model.yml index 5683d28567f..37814510c8c 100644 --- a/ql/lib/ext/generated/composite-actions/discourse_.github.model.yml +++ b/ql/lib/ext/generated/composite-actions/discourse_.github.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["discourse/.github", "*", "input.about_json_path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/dnsjava_dnsjava.model.yml b/ql/lib/ext/generated/composite-actions/dnsjava_dnsjava.model.yml index 424c7241bcf..48e40c36bea 100644 --- a/ql/lib/ext/generated/composite-actions/dnsjava_dnsjava.model.yml +++ b/ql/lib/ext/generated/composite-actions/dnsjava_dnsjava.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dnsjava/dnsjava", "*", "input.name", "code-injection", "generated"] - ["dnsjava/dnsjava", "*", "input.filename", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/dotintent_react-native-ble-plx.model.yml b/ql/lib/ext/generated/composite-actions/dotintent_react-native-ble-plx.model.yml index 37295f2cf6c..0edb2c5f8cd 100644 --- a/ql/lib/ext/generated/composite-actions/dotintent_react-native-ble-plx.model.yml +++ b/ql/lib/ext/generated/composite-actions/dotintent_react-native-ble-plx.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dotintent/react-native-ble-plx", "*", "input.REACT_NATIVE_VERSION", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/dotnet_docs-tools.model.yml b/ql/lib/ext/generated/composite-actions/dotnet_docs-tools.model.yml index e7c767d2dce..61210d17abb 100644 --- a/ql/lib/ext/generated/composite-actions/dotnet_docs-tools.model.yml +++ b/ql/lib/ext/generated/composite-actions/dotnet_docs-tools.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dotnet/docs-tools", "*", "input.support", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/dotnet_dotnet-monitor.model.yml b/ql/lib/ext/generated/composite-actions/dotnet_dotnet-monitor.model.yml index 7f78690f639..22dc1a40629 100644 --- a/ql/lib/ext/generated/composite-actions/dotnet_dotnet-monitor.model.yml +++ b/ql/lib/ext/generated/composite-actions/dotnet_dotnet-monitor.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dotnet/dotnet-monitor", "*", "input.files_to_commit", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/dragonflydb_dragonfly.model.yml b/ql/lib/ext/generated/composite-actions/dragonflydb_dragonfly.model.yml index ba1beace170..b2888b571a8 100644 --- a/ql/lib/ext/generated/composite-actions/dragonflydb_dragonfly.model.yml +++ b/ql/lib/ext/generated/composite-actions/dragonflydb_dragonfly.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dragonflydb/dragonfly", "*", "input.gspace-secret", "code-injection", "generated"] - ["dragonflydb/dragonfly", "*", "input.filter", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/drawpile_drawpile.model.yml b/ql/lib/ext/generated/composite-actions/drawpile_drawpile.model.yml index 63085c045d0..bc188d91f1b 100644 --- a/ql/lib/ext/generated/composite-actions/drawpile_drawpile.model.yml +++ b/ql/lib/ext/generated/composite-actions/drawpile_drawpile.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["drawpile/drawpile", "*", "input.cache_key", "output.cache_key", "taint", "manual"] - ["drawpile/drawpile", "*", "input.path", "output.path", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/eksctl-io_eksctl.model.yml b/ql/lib/ext/generated/composite-actions/eksctl-io_eksctl.model.yml index d6ee6c8bb7d..d5defe67401 100644 --- a/ql/lib/ext/generated/composite-actions/eksctl-io_eksctl.model.yml +++ b/ql/lib/ext/generated/composite-actions/eksctl-io_eksctl.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["eksctl-io/eksctl", "*", "input.token", "code-injection", "generated"] - ["eksctl-io/eksctl", "*", "input.email", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/elastic_apm-agent-dotnet.model.yml b/ql/lib/ext/generated/composite-actions/elastic_apm-agent-dotnet.model.yml index 83951f43c63..d97fedbed13 100644 --- a/ql/lib/ext/generated/composite-actions/elastic_apm-agent-dotnet.model.yml +++ b/ql/lib/ext/generated/composite-actions/elastic_apm-agent-dotnet.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["elastic/apm-agent-dotnet", "*", "input.project", "code-injection", "generated"] - ["elastic/apm-agent-dotnet", "*", "input.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/elastic_apm-agent-java.model.yml b/ql/lib/ext/generated/composite-actions/elastic_apm-agent-java.model.yml index 397ab083809..e22c29b09f1 100644 --- a/ql/lib/ext/generated/composite-actions/elastic_apm-agent-java.model.yml +++ b/ql/lib/ext/generated/composite-actions/elastic_apm-agent-java.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["elastic/apm-agent-java", "*", "input.tag", "code-injection", "generated"] - ["elastic/apm-agent-java", "*", "input.path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/elastic_apm-server.model copy.yml b/ql/lib/ext/generated/composite-actions/elastic_apm-server.model copy.yml index 023abac3631..7203bb8345c 100644 --- a/ql/lib/ext/generated/composite-actions/elastic_apm-server.model copy.yml +++ b/ql/lib/ext/generated/composite-actions/elastic_apm-server.model copy.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["elastic/apm-server", "*", "input.version", "output.release-version", "taint", "manual"] - ["elastic/apm-server", "*", "input.version", "output.release-branch", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/elementor_elementor.model.yml b/ql/lib/ext/generated/composite-actions/elementor_elementor.model.yml index 5dd069df499..dcfbb0ea203 100644 --- a/ql/lib/ext/generated/composite-actions/elementor_elementor.model.yml +++ b/ql/lib/ext/generated/composite-actions/elementor_elementor.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["elementor/elementor", "*", "input.README_TXT_PATH", "code-injection", "generated"] - ["elementor/elementor", "*", "input.CHANNEL", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/emberjs_data.model.yml b/ql/lib/ext/generated/composite-actions/emberjs_data.model.yml index 1a1d763d6e4..6c5d6edd572 100644 --- a/ql/lib/ext/generated/composite-actions/emberjs_data.model.yml +++ b/ql/lib/ext/generated/composite-actions/emberjs_data.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["emberjs/data", "*", "input.jobs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/emqx_emqx.model.yml b/ql/lib/ext/generated/composite-actions/emqx_emqx.model.yml index a8e95d30457..fdaee61066e 100644 --- a/ql/lib/ext/generated/composite-actions/emqx_emqx.model.yml +++ b/ql/lib/ext/generated/composite-actions/emqx_emqx.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["emqx/emqx", "*", "input.profile", "code-injection", "generated"] - ["emqx/emqx", "*", "input.otp", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/eonasdan_tempus-dominus.model.yml b/ql/lib/ext/generated/composite-actions/eonasdan_tempus-dominus.model.yml index 52d085ee479..d68c4e57c8a 100644 --- a/ql/lib/ext/generated/composite-actions/eonasdan_tempus-dominus.model.yml +++ b/ql/lib/ext/generated/composite-actions/eonasdan_tempus-dominus.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["eonasdan/tempus-dominus", "*", "input.VERSION", "code-injection", "generated"] - ["eonasdan/tempus-dominus", "*", "input.NUGET_API_KEY", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/erlang_otp.model.yml b/ql/lib/ext/generated/composite-actions/erlang_otp.model.yml index 33c56a67cb9..85a8d2f4d65 100644 --- a/ql/lib/ext/generated/composite-actions/erlang_otp.model.yml +++ b/ql/lib/ext/generated/composite-actions/erlang_otp.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["erlang/otp", "*", "input.TYPE", "code-injection", "generated"] - ["erlang/otp", "*", "input.BASE_BRANCH", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/esphome_esphome.model.yml b/ql/lib/ext/generated/composite-actions/esphome_esphome.model.yml index 258101eecea..d2275409278 100644 --- a/ql/lib/ext/generated/composite-actions/esphome_esphome.model.yml +++ b/ql/lib/ext/generated/composite-actions/esphome_esphome.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["esphome/esphome", "*", "input.target", "code-injection", "generated"] - ["esphome/esphome", "*", "input.suffix", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/expensify_app.model.yml b/ql/lib/ext/generated/composite-actions/expensify_app.model.yml index d77e05c680b..4dc0b87214b 100644 --- a/ql/lib/ext/generated/composite-actions/expensify_app.model.yml +++ b/ql/lib/ext/generated/composite-actions/expensify_app.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["expensify/app", "*", "input.GPG_PASSPHRASE", "code-injection", "generated"] - ["expensify/app", "*", "input.PACKAGE_SCRIPT_NAME", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/expo_expo.model.yml b/ql/lib/ext/generated/composite-actions/expo_expo.model.yml index db98f8d769a..ea1a8a8afec 100644 --- a/ql/lib/ext/generated/composite-actions/expo_expo.model.yml +++ b/ql/lib/ext/generated/composite-actions/expo_expo.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["expo/expo", "*", "input.ndk-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/expo_vscode-expo.model.yml b/ql/lib/ext/generated/composite-actions/expo_vscode-expo.model.yml index 7607840dbdc..5ce00c29e52 100644 --- a/ql/lib/ext/generated/composite-actions/expo_vscode-expo.model.yml +++ b/ql/lib/ext/generated/composite-actions/expo_vscode-expo.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["expo/vscode-expo", "*", "input.command", "code-injection", "generated"] - ["expo/vscode-expo", "*", "input.semver", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/external-secrets_external-secrets.model.yml b/ql/lib/ext/generated/composite-actions/external-secrets_external-secrets.model.yml index 2fa4f8dfa61..d1f551b66da 100644 --- a/ql/lib/ext/generated/composite-actions/external-secrets_external-secrets.model.yml +++ b/ql/lib/ext/generated/composite-actions/external-secrets_external-secrets.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["external-secrets/external-secrets", "*", "input.image-tag", "code-injection", "generated"] - ["external-secrets/external-secrets", "*", "input.image-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/facebook_buck2.model.yml b/ql/lib/ext/generated/composite-actions/facebook_buck2.model.yml index 80725157e33..6f8845ec1c0 100644 --- a/ql/lib/ext/generated/composite-actions/facebook_buck2.model.yml +++ b/ql/lib/ext/generated/composite-actions/facebook_buck2.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebook/buck2", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/facebook_flow.model.yml b/ql/lib/ext/generated/composite-actions/facebook_flow.model.yml index 9d317f14272..152fdfed447 100644 --- a/ql/lib/ext/generated/composite-actions/facebook_flow.model.yml +++ b/ql/lib/ext/generated/composite-actions/facebook_flow.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebook/flow", "*", "input.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/facebook_yoga.model.yml b/ql/lib/ext/generated/composite-actions/facebook_yoga.model.yml index 12deff387bd..5919ade7e81 100644 --- a/ql/lib/ext/generated/composite-actions/facebook_yoga.model.yml +++ b/ql/lib/ext/generated/composite-actions/facebook_yoga.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebook/yoga", "*", "input.version", "code-injection", "generated"] - ["facebook/yoga", "*", "input.directory", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/facebookresearch_xformers.model.yml b/ql/lib/ext/generated/composite-actions/facebookresearch_xformers.model.yml index 9c3c242b1ed..d9afa5bb21f 100644 --- a/ql/lib/ext/generated/composite-actions/facebookresearch_xformers.model.yml +++ b/ql/lib/ext/generated/composite-actions/facebookresearch_xformers.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebookresearch/xformers", "*", "input.arch", "code-injection", "generated"] - ["facebookresearch/xformers", "*", "input.pytorch_channel", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/fastly_compute-actions.model.yml b/ql/lib/ext/generated/composite-actions/fastly_compute-actions.model.yml index 4aa1ce5c4cf..0b36853a891 100644 --- a/ql/lib/ext/generated/composite-actions/fastly_compute-actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/fastly_compute-actions.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["fastly/compute-actions", "*", "input.fastly-api-token", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/felangel_bloc.model.yml b/ql/lib/ext/generated/composite-actions/felangel_bloc.model.yml index 6f8ef16ea33..2bd521d42f5 100644 --- a/ql/lib/ext/generated/composite-actions/felangel_bloc.model.yml +++ b/ql/lib/ext/generated/composite-actions/felangel_bloc.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["felangel/bloc", "*", "input.coverage_excludes", "code-injection", "generated"] - ["felangel/bloc", "*", "input.analyze_directories", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/firebase_firebase-ios-sdk.model.yml b/ql/lib/ext/generated/composite-actions/firebase_firebase-ios-sdk.model.yml index bc2146921ef..8ae81e706a4 100644 --- a/ql/lib/ext/generated/composite-actions/firebase_firebase-ios-sdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/firebase_firebase-ios-sdk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["firebase/firebase-ios-sdk", "*", "input.min-ios-version", "code-injection", "generated"] - ["firebase/firebase-ios-sdk", "*", "input.sources", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/flagsmith_flagsmith.model.yml b/ql/lib/ext/generated/composite-actions/flagsmith_flagsmith.model.yml index 37e1d0d67a5..4893772b71a 100644 --- a/ql/lib/ext/generated/composite-actions/flagsmith_flagsmith.model.yml +++ b/ql/lib/ext/generated/composite-actions/flagsmith_flagsmith.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["flagsmith/flagsmith", "*", "input.aws_ecr_repository_arn", "output.image", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/flaxengine_flaxengine.model.yml b/ql/lib/ext/generated/composite-actions/flaxengine_flaxengine.model.yml index eabd3834b1b..e174c830a85 100644 --- a/ql/lib/ext/generated/composite-actions/flaxengine_flaxengine.model.yml +++ b/ql/lib/ext/generated/composite-actions/flaxengine_flaxengine.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["flaxengine/flaxengine", "*", "input.vulkan-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/flipperdevices_flipperzero-firmware.model.yml b/ql/lib/ext/generated/composite-actions/flipperdevices_flipperzero-firmware.model.yml index 2253e33b950..14070215bfa 100644 --- a/ql/lib/ext/generated/composite-actions/flipperdevices_flipperzero-firmware.model.yml +++ b/ql/lib/ext/generated/composite-actions/flipperdevices_flipperzero-firmware.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["flipperdevices/flipperzero-firmware", "*", "input.firmware-version", "code-injection", "generated"] - ["flipperdevices/flipperzero-firmware", "*", "input.firmware-target", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/fluxcd_flux2.model.yml b/ql/lib/ext/generated/composite-actions/fluxcd_flux2.model.yml index bc1eb54056a..f3a0b47f2c2 100644 --- a/ql/lib/ext/generated/composite-actions/fluxcd_flux2.model.yml +++ b/ql/lib/ext/generated/composite-actions/fluxcd_flux2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["fluxcd/flux2", "*", "input.bindir", "code-injection", "generated"] - ["fluxcd/flux2", "*", "input.token", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/forcedotcom_salesforcedx-vscode.model.yml b/ql/lib/ext/generated/composite-actions/forcedotcom_salesforcedx-vscode.model.yml index 842240cfaa2..12011d64396 100644 --- a/ql/lib/ext/generated/composite-actions/forcedotcom_salesforcedx-vscode.model.yml +++ b/ql/lib/ext/generated/composite-actions/forcedotcom_salesforcedx-vscode.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["forcedotcom/salesforcedx-vscode", "*", "input.email", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/fossasia_visdom.model.yml b/ql/lib/ext/generated/composite-actions/fossasia_visdom.model.yml index 8ff5ee1e2c0..40ecb17610e 100644 --- a/ql/lib/ext/generated/composite-actions/fossasia_visdom.model.yml +++ b/ql/lib/ext/generated/composite-actions/fossasia_visdom.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["fossasia/visdom", "*", "input.loadprbuild", "code-injection", "generated"] - ["fossasia/visdom", "*", "input.usebasebranch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/freckle_stack-action.model.yml b/ql/lib/ext/generated/composite-actions/freckle_stack-action.model.yml index 29c5f793fb2..250606588f9 100644 --- a/ql/lib/ext/generated/composite-actions/freckle_stack-action.model.yml +++ b/ql/lib/ext/generated/composite-actions/freckle_stack-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["freckle/stack-action", "*", "input.find-options", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/freeradius_freeradius-server.model.yml b/ql/lib/ext/generated/composite-actions/freeradius_freeradius-server.model.yml index 2f12293df0e..f2f5678b8b8 100644 --- a/ql/lib/ext/generated/composite-actions/freeradius_freeradius-server.model.yml +++ b/ql/lib/ext/generated/composite-actions/freeradius_freeradius-server.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["freeradius/freeradius-server", "*", "input.gcc_ver", "code-injection", "generated"] - ["freeradius/freeradius-server", "*", "input.llvm_ver", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/gaphor_gaphor.model.yml b/ql/lib/ext/generated/composite-actions/gaphor_gaphor.model.yml index 83012e51335..b17eb01f821 100644 --- a/ql/lib/ext/generated/composite-actions/gaphor_gaphor.model.yml +++ b/ql/lib/ext/generated/composite-actions/gaphor_gaphor.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gaphor/gaphor", "*", "input.version", "code-injection", "generated"] - ["gaphor/gaphor", "*", "input.base64_encoded_pfx", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/getsentry_action-release.model.yml b/ql/lib/ext/generated/composite-actions/getsentry_action-release.model.yml index 8ca21196194..7ebdde766f3 100644 --- a/ql/lib/ext/generated/composite-actions/getsentry_action-release.model.yml +++ b/ql/lib/ext/generated/composite-actions/getsentry_action-release.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["getsentry/action-release", "*", "input.working_directory", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/github_codeql-action.model.yml b/ql/lib/ext/generated/composite-actions/github_codeql-action.model.yml index 7f19fd1f6a6..7f2e1588139 100644 --- a/ql/lib/ext/generated/composite-actions/github_codeql-action.model.yml +++ b/ql/lib/ext/generated/composite-actions/github_codeql-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["github/codeql-action", "*", "input.latest_tag", "code-injection", "generated"] - ["github/codeql-action", "*", "input.major_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/github_ruby.model.yml b/ql/lib/ext/generated/composite-actions/github_ruby.model.yml index 1889fcff144..eedeb384422 100644 --- a/ql/lib/ext/generated/composite-actions/github_ruby.model.yml +++ b/ql/lib/ext/generated/composite-actions/github_ruby.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["github/ruby", "*", "input.builddir", "code-injection", "generated"] - ["github/ruby", "*", "input.srcdir", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/gittools_gitversion.model.yml b/ql/lib/ext/generated/composite-actions/gittools_gitversion.model.yml index f8243352f45..fb6fb0267bb 100644 --- a/ql/lib/ext/generated/composite-actions/gittools_gitversion.model.yml +++ b/ql/lib/ext/generated/composite-actions/gittools_gitversion.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gittools/gitversion", "*", "input.distro", "code-injection", "generated"] - ["gittools/gitversion", "*", "input.targetFramework", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/go-spatial_tegola.model.yml b/ql/lib/ext/generated/composite-actions/go-spatial_tegola.model.yml index bd2015a7096..60df7484e7f 100644 --- a/ql/lib/ext/generated/composite-actions/go-spatial_tegola.model.yml +++ b/ql/lib/ext/generated/composite-actions/go-spatial_tegola.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["go-spatial/tegola", "*", "input.artifact_name", "code-injection", "generated"] - ["go-spatial/tegola", "*", "input.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/goauthentik_authentik.model.yml b/ql/lib/ext/generated/composite-actions/goauthentik_authentik.model.yml index 501123a82fe..d0af7b61f98 100644 --- a/ql/lib/ext/generated/composite-actions/goauthentik_authentik.model.yml +++ b/ql/lib/ext/generated/composite-actions/goauthentik_authentik.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["goauthentik/authentik", "*", "input.postgresql_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/godotengine_godot.model.yml b/ql/lib/ext/generated/composite-actions/godotengine_godot.model.yml index 1a17e3db2b8..8d08848d24c 100644 --- a/ql/lib/ext/generated/composite-actions/godotengine_godot.model.yml +++ b/ql/lib/ext/generated/composite-actions/godotengine_godot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["godotengine/godot", "*", "input.bin", "code-injection", "generated"] - ["godotengine/godot", "*", "input.tests", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/google_dagger.model.yml b/ql/lib/ext/generated/composite-actions/google_dagger.model.yml index a125a4bfa8c..f26f672a586 100644 --- a/ql/lib/ext/generated/composite-actions/google_dagger.model.yml +++ b/ql/lib/ext/generated/composite-actions/google_dagger.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["google/dagger", "*", "input.agp", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/googleapis_java-cloud-bom.model.yml b/ql/lib/ext/generated/composite-actions/googleapis_java-cloud-bom.model.yml index e8d0cc64792..5431aad8dca 100644 --- a/ql/lib/ext/generated/composite-actions/googleapis_java-cloud-bom.model.yml +++ b/ql/lib/ext/generated/composite-actions/googleapis_java-cloud-bom.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googleapis/java-cloud-bom", "*", "input.bom-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/googleapis_sdk-platform-java.model.yml b/ql/lib/ext/generated/composite-actions/googleapis_sdk-platform-java.model.yml index 736c84b68cc..92c23f9f1fb 100644 --- a/ql/lib/ext/generated/composite-actions/googleapis_sdk-platform-java.model.yml +++ b/ql/lib/ext/generated/composite-actions/googleapis_sdk-platform-java.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googleapis/sdk-platform-java", "*", "input.bom-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/googlecloudplatform_dataflowtemplates.model.yml b/ql/lib/ext/generated/composite-actions/googlecloudplatform_dataflowtemplates.model.yml index 062203945c5..52654194d81 100644 --- a/ql/lib/ext/generated/composite-actions/googlecloudplatform_dataflowtemplates.model.yml +++ b/ql/lib/ext/generated/composite-actions/googlecloudplatform_dataflowtemplates.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googlecloudplatform/magic-modules", "*", "input.repo", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["googlecloudplatform/magic-modules", "*", "output.changed-files", "filename", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/googlecloudplatform_magic-modules.model.yml b/ql/lib/ext/generated/composite-actions/googlecloudplatform_magic-modules.model.yml index aedeb4e1023..43c274aa033 100644 --- a/ql/lib/ext/generated/composite-actions/googlecloudplatform_magic-modules.model.yml +++ b/ql/lib/ext/generated/composite-actions/googlecloudplatform_magic-modules.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googlecloudplatform/magic-modules", "*", "input.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/gravitational_teleport.model.yml b/ql/lib/ext/generated/composite-actions/gravitational_teleport.model.yml index 0d8afb086c9..7f8b87fa20e 100644 --- a/ql/lib/ext/generated/composite-actions/gravitational_teleport.model.yml +++ b/ql/lib/ext/generated/composite-actions/gravitational_teleport.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gravitational/teleport", "*", "input.target", "code-injection", "generated"] - ["gravitational/teleport", "*", "input.attempts", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/grote_transportr.model.yml b/ql/lib/ext/generated/composite-actions/grote_transportr.model.yml index 4756acbf306..31422a708c5 100644 --- a/ql/lib/ext/generated/composite-actions/grote_transportr.model.yml +++ b/ql/lib/ext/generated/composite-actions/grote_transportr.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["grote/transportr", "*", "input.api-level", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/hashicorp_nomad.model.yml b/ql/lib/ext/generated/composite-actions/hashicorp_nomad.model.yml index a0e4acec75a..30ccfdea631 100644 --- a/ql/lib/ext/generated/composite-actions/hashicorp_nomad.model.yml +++ b/ql/lib/ext/generated/composite-actions/hashicorp_nomad.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/nomad", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/hashicorp_terraform.model.yml b/ql/lib/ext/generated/composite-actions/hashicorp_terraform.model.yml index 6acfcf9773f..9bc22ac93ef 100644 --- a/ql/lib/ext/generated/composite-actions/hashicorp_terraform.model.yml +++ b/ql/lib/ext/generated/composite-actions/hashicorp_terraform.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/terraform", "*", "input.target-terraform-branch", "code-injection", "generated"] - ["hashicorp/terraform", "*", "input.target-terraform-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/hashicorp_vault.model.yml b/ql/lib/ext/generated/composite-actions/hashicorp_vault.model.yml index 7e0deeea906..4ec47cb3975 100644 --- a/ql/lib/ext/generated/composite-actions/hashicorp_vault.model.yml +++ b/ql/lib/ext/generated/composite-actions/hashicorp_vault.model.yml @@ -1,13 +1,13 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/vault", "*", "input.destination", "code-injection", "generated"] - ["hashicorp/vault", "*", "input.version", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["hashicorp/vault", "*", "input.vault-version", "output.vault-version", "taint", "manual"] - ["hashicorp/vault", "*", "input.vault-binary-path", "output.vault-binary-path", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/home-assistant_android.model.yml b/ql/lib/ext/generated/composite-actions/home-assistant_android.model.yml index 18678fe9ecd..81d137ce547 100644 --- a/ql/lib/ext/generated/composite-actions/home-assistant_android.model.yml +++ b/ql/lib/ext/generated/composite-actions/home-assistant_android.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["home-assistant/android", "*", "input.lokalise-token", "code-injection", "generated"] - ["home-assistant/android", "*", "input.lokalise-project", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/homebrew_actions.model.yml b/ql/lib/ext/generated/composite-actions/homebrew_actions.model.yml index d9d492f79cd..79675d59c05 100644 --- a/ql/lib/ext/generated/composite-actions/homebrew_actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/homebrew_actions.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["homebrew/actions", "*", "input.casks", "code-injection", "generated"] - ["homebrew/actions", "*", "input.formulae", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/hyperledger_aries-cloudagent-python.model.yml b/ql/lib/ext/generated/composite-actions/hyperledger_aries-cloudagent-python.model.yml index d3046ff1fc4..3310a67347c 100644 --- a/ql/lib/ext/generated/composite-actions/hyperledger_aries-cloudagent-python.model.yml +++ b/ql/lib/ext/generated/composite-actions/hyperledger_aries-cloudagent-python.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hyperledger/aries-cloudagent-python", "*", "input.TEST_SCOPE", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/hyperledger_fabric-samples.model.yml b/ql/lib/ext/generated/composite-actions/hyperledger_fabric-samples.model.yml index 845fba40a6c..d12963b43db 100644 --- a/ql/lib/ext/generated/composite-actions/hyperledger_fabric-samples.model.yml +++ b/ql/lib/ext/generated/composite-actions/hyperledger_fabric-samples.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hyperledger/fabric-samples", "*", "input.ca-version", "code-injection", "generated"] - ["hyperledger/fabric-samples", "*", "input.fabric-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/igniterealtime_openfire.model.yml b/ql/lib/ext/generated/composite-actions/igniterealtime_openfire.model.yml index bcf51805710..1c63a9e6d0f 100644 --- a/ql/lib/ext/generated/composite-actions/igniterealtime_openfire.model.yml +++ b/ql/lib/ext/generated/composite-actions/igniterealtime_openfire.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["igniterealtime/openfire", "*", "input.domain", "code-injection", "generated"] - ["igniterealtime/openfire", "*", "input.ip", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/infracost_actions.model.yml b/ql/lib/ext/generated/composite-actions/infracost_actions.model.yml index e1ff1fa3497..e120de812c4 100644 --- a/ql/lib/ext/generated/composite-actions/infracost_actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/infracost_actions.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["infracost/actions", "*", "input.behavior", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/inspektor-gadget_inspektor-gadget.model.yml b/ql/lib/ext/generated/composite-actions/inspektor-gadget_inspektor-gadget.model.yml index 4c5ef712e58..1be37285c9e 100644 --- a/ql/lib/ext/generated/composite-actions/inspektor-gadget_inspektor-gadget.model.yml +++ b/ql/lib/ext/generated/composite-actions/inspektor-gadget_inspektor-gadget.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["inspektor-gadget/inspektor-gadget", "*", "input.runtime", "code-injection", "generated"] - ["inspektor-gadget/inspektor-gadget", "*", "input.registry", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/intel-analytics_ipex-llm.model.yml b/ql/lib/ext/generated/composite-actions/intel-analytics_ipex-llm.model.yml index 31e1f562877..aa6e9b684d0 100644 --- a/ql/lib/ext/generated/composite-actions/intel-analytics_ipex-llm.model.yml +++ b/ql/lib/ext/generated/composite-actions/intel-analytics_ipex-llm.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["intel-analytics/ipex-llm", "*", "input.extra-dependency", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/ionic-team_ionic-framework.model.yml b/ql/lib/ext/generated/composite-actions/ionic-team_ionic-framework.model.yml index 298ba1ccbe3..221aa83de0b 100644 --- a/ql/lib/ext/generated/composite-actions/ionic-team_ionic-framework.model.yml +++ b/ql/lib/ext/generated/composite-actions/ionic-team_ionic-framework.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ionic-team/ionic-framework", "*", "input.totalShards", "code-injection", "generated"] - ["ionic-team/ionic-framework", "*", "input.shard", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ionic-team_ionicons.model.yml b/ql/lib/ext/generated/composite-actions/ionic-team_ionicons.model.yml index 0dc57625890..71007932427 100644 --- a/ql/lib/ext/generated/composite-actions/ionic-team_ionicons.model.yml +++ b/ql/lib/ext/generated/composite-actions/ionic-team_ionicons.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ionic-team/ionicons", "*", "input.paths", "code-injection", "generated"] - ["ionic-team/ionicons", "*", "input.output", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ionic-team_stencil.model.yml b/ql/lib/ext/generated/composite-actions/ionic-team_stencil.model.yml index c6fc16750f8..bff13b29ecc 100644 --- a/ql/lib/ext/generated/composite-actions/ionic-team_stencil.model.yml +++ b/ql/lib/ext/generated/composite-actions/ionic-team_stencil.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ionic-team/stencil", "*", "input.paths", "code-injection", "generated"] - ["ionic-team/stencil", "*", "input.output", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ipfs_aegir.model.yml b/ql/lib/ext/generated/composite-actions/ipfs_aegir.model.yml index 0cbbd38d428..1f75dd81c04 100644 --- a/ql/lib/ext/generated/composite-actions/ipfs_aegir.model.yml +++ b/ql/lib/ext/generated/composite-actions/ipfs_aegir.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ipfs/aegir", "*", "input.browser", "code-injection", "generated"] - ["ipfs/aegir", "*", "input.docker-username", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/jetbrains_jetbrainsruntime.model.yml b/ql/lib/ext/generated/composite-actions/jetbrains_jetbrainsruntime.model.yml index acc6cb91c07..15604c34a17 100644 --- a/ql/lib/ext/generated/composite-actions/jetbrains_jetbrainsruntime.model.yml +++ b/ql/lib/ext/generated/composite-actions/jetbrains_jetbrainsruntime.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jetbrains/jetbrainsruntime", "*", "input.debug-suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/jhipster_generator-jhipster.model.yml b/ql/lib/ext/generated/composite-actions/jhipster_generator-jhipster.model.yml index c59e989db04..aef7f4f6242 100644 --- a/ql/lib/ext/generated/composite-actions/jhipster_generator-jhipster.model.yml +++ b/ql/lib/ext/generated/composite-actions/jhipster_generator-jhipster.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jhipster/generator-jhipster", "*", "input.generator-path", "code-injection", "generated"] - ["jhipster/generator-jhipster", "*", "input.application-packaging", "code-injection", "generated"] @@ -22,6 +22,6 @@ extensions: - ["jhipster/generator-jhipster", "*", "input.extra-args", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["jhipster/generator-jhipster", "*", "input.skip-workflow", "output.skip-workflow", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/jsocol_django-ratelimit.model.yml b/ql/lib/ext/generated/composite-actions/jsocol_django-ratelimit.model.yml index b426dfb250d..f3a26e867ec 100644 --- a/ql/lib/ext/generated/composite-actions/jsocol_django-ratelimit.model.yml +++ b/ql/lib/ext/generated/composite-actions/jsocol_django-ratelimit.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jsocol/django-ratelimit", "*", "input.django-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/juicedata_juicefs.model.yml b/ql/lib/ext/generated/composite-actions/juicedata_juicefs.model.yml index 4a0c3c2d30f..4feab5714c7 100644 --- a/ql/lib/ext/generated/composite-actions/juicedata_juicefs.model.yml +++ b/ql/lib/ext/generated/composite-actions/juicedata_juicefs.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["juicedata/juicefs", "*", "input.compress", "code-injection", "generated"] - ["juicedata/juicefs", "*", "input.storage", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/jupyter_docker-stacks.model.yml b/ql/lib/ext/generated/composite-actions/jupyter_docker-stacks.model.yml index 74d0ef69f75..3030f81072a 100644 --- a/ql/lib/ext/generated/composite-actions/jupyter_docker-stacks.model.yml +++ b/ql/lib/ext/generated/composite-actions/jupyter_docker-stacks.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jupyter/docker-stacks", "*", "input.variant", "code-injection", "generated"] - ["jupyter/docker-stacks", "*", "input.image", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/keycloak_keycloak.model.yml b/ql/lib/ext/generated/composite-actions/keycloak_keycloak.model.yml index ac8762d24ea..7f8885d1ec7 100644 --- a/ql/lib/ext/generated/composite-actions/keycloak_keycloak.model.yml +++ b/ql/lib/ext/generated/composite-actions/keycloak_keycloak.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["keycloak/keycloak", "*", "input.job-name", "code-injection", "generated"] - ["keycloak/keycloak", "*", "input.jobs", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/kserve_kserve.model.yml b/ql/lib/ext/generated/composite-actions/kserve_kserve.model.yml index 6df9a160ec5..93e6b1e0312 100644 --- a/ql/lib/ext/generated/composite-actions/kserve_kserve.model.yml +++ b/ql/lib/ext/generated/composite-actions/kserve_kserve.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kserve/kserve", "*", "input.directory", "code-injection", "generated"] - ["kserve/kserve", "*", "input.deployment-mode", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/kubeflow_katib.model.yml b/ql/lib/ext/generated/composite-actions/kubeflow_katib.model.yml index 0c2793028a0..5284159e9db 100644 --- a/ql/lib/ext/generated/composite-actions/kubeflow_katib.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubeflow_katib.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubeflow/katib", "*", "input.experiments", "code-injection", "generated"] - ["kubeflow/katib", "*", "input.database-type", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/kubeflow_training-operator.model.yml b/ql/lib/ext/generated/composite-actions/kubeflow_training-operator.model.yml index f5bdc3d4bcc..ac8b8a5150a 100644 --- a/ql/lib/ext/generated/composite-actions/kubeflow_training-operator.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubeflow_training-operator.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubeflow/training-operator", "*", "input.context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/kubernetes-sigs_karpenter.model.yml b/ql/lib/ext/generated/composite-actions/kubernetes-sigs_karpenter.model.yml index 161022b8cbe..19e9448994e 100644 --- a/ql/lib/ext/generated/composite-actions/kubernetes-sigs_karpenter.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubernetes-sigs_karpenter.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubernetes-sigs/karpenter", "*", "input.k8sVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/kubernetes-sigs_kwok.model.yml b/ql/lib/ext/generated/composite-actions/kubernetes-sigs_kwok.model.yml index 391b1917029..82c5713f943 100644 --- a/ql/lib/ext/generated/composite-actions/kubernetes-sigs_kwok.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubernetes-sigs_kwok.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubernetes-sigs/kwok", "*", "input.command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/kubescape_kubescape.model.yml b/ql/lib/ext/generated/composite-actions/kubescape_kubescape.model.yml index 3a45707d59e..2d4108331b9 100644 --- a/ql/lib/ext/generated/composite-actions/kubescape_kubescape.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubescape_kubescape.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubescape/kubescape", "*", "input.ORIGINAL_TAG", "code-injection", "generated"] - ["kubescape/kubescape", "*", "input.SUB_STRING", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/kubeshop_botkube.model.yml b/ql/lib/ext/generated/composite-actions/kubeshop_botkube.model.yml index c2e3608f745..ccd49962fa4 100644 --- a/ql/lib/ext/generated/composite-actions/kubeshop_botkube.model.yml +++ b/ql/lib/ext/generated/composite-actions/kubeshop_botkube.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubeshop/botkube", "*", "input.username", "code-injection", "generated"] - ["kubeshop/botkube", "*", "input.access_token", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/kyverno_kyverno.model.yml b/ql/lib/ext/generated/composite-actions/kyverno_kyverno.model.yml index 9b8e9d1e7ed..a7e56c8626d 100644 --- a/ql/lib/ext/generated/composite-actions/kyverno_kyverno.model.yml +++ b/ql/lib/ext/generated/composite-actions/kyverno_kyverno.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kyverno/kyverno", "*", "input.version", "code-injection", "generated"] - ["kyverno/kyverno", "*", "input.sbom-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/lancedb_lance.model.yml b/ql/lib/ext/generated/composite-actions/lancedb_lance.model.yml index 954f2c34661..4c0df425e45 100644 --- a/ql/lib/ext/generated/composite-actions/lancedb_lance.model.yml +++ b/ql/lib/ext/generated/composite-actions/lancedb_lance.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lancedb/lance", "*", "input.repo", "code-injection", "generated"] - ["lancedb/lance", "*", "input.vcpkg_token", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/launchdarkly_ios-client-sdk.model.yml b/ql/lib/ext/generated/composite-actions/launchdarkly_ios-client-sdk.model.yml index 31cb8acad9e..a69f2303dbe 100644 --- a/ql/lib/ext/generated/composite-actions/launchdarkly_ios-client-sdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/launchdarkly_ios-client-sdk.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["launchdarkly/ios-client-sdk", "*", "input.ios-sim", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/layer5labs_meshmap-snapshot.model.yml b/ql/lib/ext/generated/composite-actions/layer5labs_meshmap-snapshot.model.yml index 4c8df154d8e..c2c87969e93 100644 --- a/ql/lib/ext/generated/composite-actions/layer5labs_meshmap-snapshot.model.yml +++ b/ql/lib/ext/generated/composite-actions/layer5labs_meshmap-snapshot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["layer5labs/meshmap-snapshot", "*", "input.assetLocation", "code-injection", "generated"] - ["layer5labs/meshmap-snapshot", "*", "input.mesheryToken", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ldc-developers_ldc.model.yml b/ql/lib/ext/generated/composite-actions/ldc-developers_ldc.model.yml index 8366d5119ae..c1c3bf433cd 100644 --- a/ql/lib/ext/generated/composite-actions/ldc-developers_ldc.model.yml +++ b/ql/lib/ext/generated/composite-actions/ldc-developers_ldc.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ldc-developers/ldc", "*", "input.cmake_flags", "code-injection", "generated"] - ["ldc-developers/ldc", "*", "input.build_targets", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ledgerhq_ledger-live.model.yml b/ql/lib/ext/generated/composite-actions/ledgerhq_ledger-live.model.yml index a5d99cfc5e0..af21dca8205 100644 --- a/ql/lib/ext/generated/composite-actions/ledgerhq_ledger-live.model.yml +++ b/ql/lib/ext/generated/composite-actions/ledgerhq_ledger-live.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ledgerhq/ledger-live", "*", "input.os", "code-injection", "generated"] - ["ledgerhq/ledger-live", "*", "input.turborepo-server-port", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/lerna_lerna.model.yml b/ql/lib/ext/generated/composite-actions/lerna_lerna.model.yml index e07d26e6a5f..18fdeffe1ec 100644 --- a/ql/lib/ext/generated/composite-actions/lerna_lerna.model.yml +++ b/ql/lib/ext/generated/composite-actions/lerna_lerna.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lerna/lerna", "*", "input.install-command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/lf-edge_eve.model.yml b/ql/lib/ext/generated/composite-actions/lf-edge_eve.model.yml index 3fe7b27d9d5..ee67e882174 100644 --- a/ql/lib/ext/generated/composite-actions/lf-edge_eve.model.yml +++ b/ql/lib/ext/generated/composite-actions/lf-edge_eve.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lf-edge/eve", "*", "input.command", "code-injection", "generated"] - ["lf-edge/eve", "*", "input.dockerhub-account", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/libgit2_libgit2.model.yml b/ql/lib/ext/generated/composite-actions/libgit2_libgit2.model.yml index 664c28bfc55..49caeb5f1dc 100644 --- a/ql/lib/ext/generated/composite-actions/libgit2_libgit2.model.yml +++ b/ql/lib/ext/generated/composite-actions/libgit2_libgit2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["libgit2/libgit2", "*", "input.command", "code-injection", "generated"] - ["libgit2/libgit2", "*", "input.container-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/lightning-ai_pytorch-lightning.model.yml b/ql/lib/ext/generated/composite-actions/lightning-ai_pytorch-lightning.model.yml index 7b90ed20234..dda74b285da 100644 --- a/ql/lib/ext/generated/composite-actions/lightning-ai_pytorch-lightning.model.yml +++ b/ql/lib/ext/generated/composite-actions/lightning-ai_pytorch-lightning.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lightning-ai/pytorch-lightning", "*", "input.name", "code-injection", "generated"] - ["lightning-ai/pytorch-lightning", "*", "input.pkg-folder", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/lightning-ai_torchmetrics.model.yml b/ql/lib/ext/generated/composite-actions/lightning-ai_torchmetrics.model.yml index 62b31c2d3ef..4b144103f8f 100644 --- a/ql/lib/ext/generated/composite-actions/lightning-ai_torchmetrics.model.yml +++ b/ql/lib/ext/generated/composite-actions/lightning-ai_torchmetrics.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lightning-ai/torchmetrics", "*", "input.pypi-dir", "code-injection", "generated"] - ["lightning-ai/torchmetrics", "*", "input.torch-url", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/linkerd_linkerd2.model.yml b/ql/lib/ext/generated/composite-actions/linkerd_linkerd2.model.yml index 427b75730ab..931658c0bb5 100644 --- a/ql/lib/ext/generated/composite-actions/linkerd_linkerd2.model.yml +++ b/ql/lib/ext/generated/composite-actions/linkerd_linkerd2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["linkerd/linkerd2", "*", "input.component", "code-injection", "generated"] - ["linkerd/linkerd2", "*", "input.docker-registry", "code-injection", "generated"] @@ -9,7 +9,7 @@ extensions: - ["linkerd/linkerd2", "*", "input.docker-ghcr-pat", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["linkerd/linkerd2", "*", "input.component", "output.image", "taint", "manual"] - ["linkerd/linkerd2", "*", "input.tag", "output.image", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/logseq_publish-spa.model.yml b/ql/lib/ext/generated/composite-actions/logseq_publish-spa.model.yml index 441913730fa..f2963217662 100644 --- a/ql/lib/ext/generated/composite-actions/logseq_publish-spa.model.yml +++ b/ql/lib/ext/generated/composite-actions/logseq_publish-spa.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["logseq/publish-spa", "*", "input.accent-color", "code-injection", "generated"] - ["logseq/publish-spa", "*", "input.theme-mode", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/macvim-dev_macvim.model.yml b/ql/lib/ext/generated/composite-actions/macvim-dev_macvim.model.yml index cbb2b43a2d8..1578e397369 100644 --- a/ql/lib/ext/generated/composite-actions/macvim-dev_macvim.model.yml +++ b/ql/lib/ext/generated/composite-actions/macvim-dev_macvim.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["macvim-dev/macvim", "*", "input.contents", "code-injection", "generated"] - ["macvim-dev/macvim", "*", "input.formula", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mamba-org_mamba.model.yml b/ql/lib/ext/generated/composite-actions/mamba-org_mamba.model.yml index 2f981b5bd63..17c45e0d8ed 100644 --- a/ql/lib/ext/generated/composite-actions/mamba-org_mamba.model.yml +++ b/ql/lib/ext/generated/composite-actions/mamba-org_mamba.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mamba-org/mamba", "*", "input.key_suffix", "code-injection", "generated"] - ["mamba-org/mamba", "*", "input.key_base", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/maplibre_maplibre-native.model.yml b/ql/lib/ext/generated/composite-actions/maplibre_maplibre-native.model.yml index 5d3d44e914c..4e26b872800 100644 --- a/ql/lib/ext/generated/composite-actions/maplibre_maplibre-native.model.yml +++ b/ql/lib/ext/generated/composite-actions/maplibre_maplibre-native.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["maplibre/maplibre-native", "*", "input.artifact-name", "code-injection", "generated"] - ["maplibre/maplibre-native", "*", "input.externalData", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/mastodon_mastodon.model.yml b/ql/lib/ext/generated/composite-actions/mastodon_mastodon.model.yml index 7b41c1b2721..d5fa53d1bbb 100644 --- a/ql/lib/ext/generated/composite-actions/mastodon_mastodon.model.yml +++ b/ql/lib/ext/generated/composite-actions/mastodon_mastodon.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mastodon/mastodon", "*", "input.additional-system-dependencies", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mavlink_qgroundcontrol.model.yml b/ql/lib/ext/generated/composite-actions/mavlink_qgroundcontrol.model.yml index 505fbb22005..f90fb1c5e63 100644 --- a/ql/lib/ext/generated/composite-actions/mavlink_qgroundcontrol.model.yml +++ b/ql/lib/ext/generated/composite-actions/mavlink_qgroundcontrol.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mavlink/qgroundcontrol", "*", "input.aws_secret_access_key", "code-injection", "generated"] - ["mavlink/qgroundcontrol", "*", "input.aws_key_id", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/mdanalysis_mdanalysis.model.yml b/ql/lib/ext/generated/composite-actions/mdanalysis_mdanalysis.model.yml index 24223da3c89..d16c0792c6d 100644 --- a/ql/lib/ext/generated/composite-actions/mdanalysis_mdanalysis.model.yml +++ b/ql/lib/ext/generated/composite-actions/mdanalysis_mdanalysis.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mdanalysis/mdanalysis", "*", "input.extra-pip-deps", "code-injection", "generated"] - ["mdanalysis/mdanalysis", "*", "input.full-deps", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/medic_cht-core.model.yml b/ql/lib/ext/generated/composite-actions/medic_cht-core.model.yml index b529c0117f4..4d009c2d47d 100644 --- a/ql/lib/ext/generated/composite-actions/medic_cht-core.model.yml +++ b/ql/lib/ext/generated/composite-actions/medic_cht-core.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["medic/cht-core", "*", "input.hostname", "code-injection", "generated"] - ["medic/cht-core", "*", "input.password", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/medusajs_medusa.model.yml b/ql/lib/ext/generated/composite-actions/medusajs_medusa.model.yml index 6a46669f05d..afd875c2205 100644 --- a/ql/lib/ext/generated/composite-actions/medusajs_medusa.model.yml +++ b/ql/lib/ext/generated/composite-actions/medusajs_medusa.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["medusajs/medusa", "*", "input.pathToSeedData", "code-injection", "generated"] - ["medusajs/medusa", "*", "input.password", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/metabase_metabase.model.yml b/ql/lib/ext/generated/composite-actions/metabase_metabase.model.yml index ec2f45f31db..680bbe27bcb 100644 --- a/ql/lib/ext/generated/composite-actions/metabase_metabase.model.yml +++ b/ql/lib/ext/generated/composite-actions/metabase_metabase.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["metabase/metabase", "*", "input.organization_name", "code-injection", "generated"] - ["metabase/metabase", "*", "input.github_token", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/metamask_action-create-release-pr.model.yml b/ql/lib/ext/generated/composite-actions/metamask_action-create-release-pr.model.yml index 3574855be3c..ffe074d3dea 100644 --- a/ql/lib/ext/generated/composite-actions/metamask_action-create-release-pr.model.yml +++ b/ql/lib/ext/generated/composite-actions/metamask_action-create-release-pr.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["metamask/action-create-release-pr", "*", "input.artifacts-path", "code-injection", "generated"] - ["metamask/action-create-release-pr", "*", "input.created-pr-status", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/metamask_action-npm-publish.model.yml b/ql/lib/ext/generated/composite-actions/metamask_action-npm-publish.model.yml index 4ee1b878e54..e53a58412c9 100644 --- a/ql/lib/ext/generated/composite-actions/metamask_action-npm-publish.model.yml +++ b/ql/lib/ext/generated/composite-actions/metamask_action-npm-publish.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["metamask/action-npm-publish", "*", "input.subteam", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/microsoft_fluentui.model.yml b/ql/lib/ext/generated/composite-actions/microsoft_fluentui.model.yml index 8453a2d415c..a899f727e39 100644 --- a/ql/lib/ext/generated/composite-actions/microsoft_fluentui.model.yml +++ b/ql/lib/ext/generated/composite-actions/microsoft_fluentui.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/fluentui", "*", "input.workspaces", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/microsoft_playwright.model.yml b/ql/lib/ext/generated/composite-actions/microsoft_playwright.model.yml index dc86b795981..0c7c2e1bded 100644 --- a/ql/lib/ext/generated/composite-actions/microsoft_playwright.model.yml +++ b/ql/lib/ext/generated/composite-actions/microsoft_playwright.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/playwright", "*", "input.report_dir", "code-injection", "generated"] - ["microsoft/playwright", "*", "input.connection_string", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/microsoft_wsl.model.yml b/ql/lib/ext/generated/composite-actions/microsoft_wsl.model.yml index ca9cc034d10..3d631e60dc3 100644 --- a/ql/lib/ext/generated/composite-actions/microsoft_wsl.model.yml +++ b/ql/lib/ext/generated/composite-actions/microsoft_wsl.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/wsl", "*", "input.comment", "code-injection", "generated"] - ["microsoft/wsl", "*", "input.similar_issues_text", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/milvus-io_milvus.model.yml b/ql/lib/ext/generated/composite-actions/milvus-io_milvus.model.yml index b8aecfd5e3d..2f8710d2cbd 100644 --- a/ql/lib/ext/generated/composite-actions/milvus-io_milvus.model.yml +++ b/ql/lib/ext/generated/composite-actions/milvus-io_milvus.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["milvus-io/milvus", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mlflow_mlflow.model.yml b/ql/lib/ext/generated/composite-actions/mlflow_mlflow.model.yml index e7ac083da83..5490e62cdc9 100644 --- a/ql/lib/ext/generated/composite-actions/mlflow_mlflow.model.yml +++ b/ql/lib/ext/generated/composite-actions/mlflow_mlflow.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mlflow/mlflow", "*", "input.python-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/modin-project_modin.model.yml b/ql/lib/ext/generated/composite-actions/modin-project_modin.model.yml index 5cac21a0751..0c6df201a1c 100644 --- a/ql/lib/ext/generated/composite-actions/modin-project_modin.model.yml +++ b/ql/lib/ext/generated/composite-actions/modin-project_modin.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["modin-project/modin", "*", "input.parallel", "code-injection", "generated"] - ["modin-project/modin", "*", "input.runner", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/mozilla_addons-server.model.yml b/ql/lib/ext/generated/composite-actions/mozilla_addons-server.model.yml index 83e1345edf2..7d0b894f35d 100644 --- a/ql/lib/ext/generated/composite-actions/mozilla_addons-server.model.yml +++ b/ql/lib/ext/generated/composite-actions/mozilla_addons-server.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mozilla/addons-server", "*", "input.run", "code-injection", "generated"] - ["mozilla/addons-server", "*", "input.push", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mozilla_bedrock.model.yml b/ql/lib/ext/generated/composite-actions/mozilla_bedrock.model.yml index 8708afa3f3b..d85418c7a41 100644 --- a/ql/lib/ext/generated/composite-actions/mozilla_bedrock.model.yml +++ b/ql/lib/ext/generated/composite-actions/mozilla_bedrock.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mozilla/bedrock", "*", "input.", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mozilla_sccache.model.yml b/ql/lib/ext/generated/composite-actions/mozilla_sccache.model.yml index e4f1637603e..074cf066e37 100644 --- a/ql/lib/ext/generated/composite-actions/mozilla_sccache.model.yml +++ b/ql/lib/ext/generated/composite-actions/mozilla_sccache.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mozilla/sccache", "*", "input.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/msys2_setup-msys2.model.yml b/ql/lib/ext/generated/composite-actions/msys2_setup-msys2.model.yml index f8b636c4636..c4497b59af8 100644 --- a/ql/lib/ext/generated/composite-actions/msys2_setup-msys2.model.yml +++ b/ql/lib/ext/generated/composite-actions/msys2_setup-msys2.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["msys2/setup-msys2", "*", "input.systems", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/mumble-voip_mumble.model.yml b/ql/lib/ext/generated/composite-actions/mumble-voip_mumble.model.yml index f51d784d7c1..cc28e15a55b 100644 --- a/ql/lib/ext/generated/composite-actions/mumble-voip_mumble.model.yml +++ b/ql/lib/ext/generated/composite-actions/mumble-voip_mumble.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mumble-voip/mumble", "*", "input.arch", "code-injection", "generated"] - ["mumble-voip/mumble", "*", "input.type", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/nasa_fprime.model.yml b/ql/lib/ext/generated/composite-actions/nasa_fprime.model.yml index ac6af801a0e..76fb41dadf1 100644 --- a/ql/lib/ext/generated/composite-actions/nasa_fprime.model.yml +++ b/ql/lib/ext/generated/composite-actions/nasa_fprime.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nasa/fprime", "*", "input.location", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/nats-io_nats-server.model.yml b/ql/lib/ext/generated/composite-actions/nats-io_nats-server.model.yml index fb676663019..b786a672140 100644 --- a/ql/lib/ext/generated/composite-actions/nats-io_nats-server.model.yml +++ b/ql/lib/ext/generated/composite-actions/nats-io_nats-server.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nats-io/nats-server", "*", "input.label", "code-injection", "generated"] - ["nats-io/nats-server", "*", "input.hub_password", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/nearform-actions_optic-release-automation-action.model.yml b/ql/lib/ext/generated/composite-actions/nearform-actions_optic-release-automation-action.model.yml index 503386ea3d4..236ac8f2cd2 100644 --- a/ql/lib/ext/generated/composite-actions/nearform-actions_optic-release-automation-action.model.yml +++ b/ql/lib/ext/generated/composite-actions/nearform-actions_optic-release-automation-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nearform-actions/optic-release-automation-action", "*", "input.build-command", "code-injection", "generated"] - ["nearform-actions/optic-release-automation-action", "*", "input.actor-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/nektos_act.model.yml b/ql/lib/ext/generated/composite-actions/nektos_act.model.yml index 6d48d32e9fa..64207dbca6a 100644 --- a/ql/lib/ext/generated/composite-actions/nektos_act.model.yml +++ b/ql/lib/ext/generated/composite-actions/nektos_act.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nektos/act", "*", "input.test_input_optional", "code-injection", "generated"] - ["nektos/act", "*", "input.composite-input", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/neo4j-contrib_neo4j-apoc-procedures.model.yml b/ql/lib/ext/generated/composite-actions/neo4j-contrib_neo4j-apoc-procedures.model.yml index ae6d1fcc1e8..46de0ff86c6 100644 --- a/ql/lib/ext/generated/composite-actions/neo4j-contrib_neo4j-apoc-procedures.model.yml +++ b/ql/lib/ext/generated/composite-actions/neo4j-contrib_neo4j-apoc-procedures.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["neo4j-contrib/neo4j-apoc-procedures", "*", "input.project-name", "code-injection", "generated"] - ["neo4j-contrib/neo4j-apoc-procedures", "*", "input.gradle-command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/neondatabase_neon.model.yml b/ql/lib/ext/generated/composite-actions/neondatabase_neon.model.yml index 48b98225721..a07b223777b 100644 --- a/ql/lib/ext/generated/composite-actions/neondatabase_neon.model.yml +++ b/ql/lib/ext/generated/composite-actions/neondatabase_neon.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["neondatabase/neon", "*", "input.save_perf_report", "code-injection", "generated"] - ["neondatabase/neon", "*", "input.real_s3_region", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/neovim_neovim.model.yml b/ql/lib/ext/generated/composite-actions/neovim_neovim.model.yml index 14bfe57eb11..e3470982f53 100644 --- a/ql/lib/ext/generated/composite-actions/neovim_neovim.model.yml +++ b/ql/lib/ext/generated/composite-actions/neovim_neovim.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["neovim/neovim", "*", "input.install_flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/nhost_nhost.model.yml b/ql/lib/ext/generated/composite-actions/nhost_nhost.model.yml index 4b04351ab90..87535288d26 100644 --- a/ql/lib/ext/generated/composite-actions/nhost_nhost.model.yml +++ b/ql/lib/ext/generated/composite-actions/nhost_nhost.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nhost/nhost", "*", "input.config", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/nix-community_nixos-wsl.model.yml b/ql/lib/ext/generated/composite-actions/nix-community_nixos-wsl.model.yml index 755147a6f1a..28249c82428 100644 --- a/ql/lib/ext/generated/composite-actions/nix-community_nixos-wsl.model.yml +++ b/ql/lib/ext/generated/composite-actions/nix-community_nixos-wsl.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nix-community/nixos-wsl", "*", "input.filename", "code-injection", "generated"] - ["nix-community/nixos-wsl", "*", "input.expression", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/novuhq_novu.model.yml b/ql/lib/ext/generated/composite-actions/novuhq_novu.model.yml index 12017671b4e..8d1bbce631f 100644 --- a/ql/lib/ext/generated/composite-actions/novuhq_novu.model.yml +++ b/ql/lib/ext/generated/composite-actions/novuhq_novu.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["novuhq/novu", "*", "input.tag", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["novuhq/novu", "*", "input.docker_name", "output.image", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/nymtech_nym.model.yml b/ql/lib/ext/generated/composite-actions/nymtech_nym.model.yml index e3028cc1bb3..3c5f85a6e79 100644 --- a/ql/lib/ext/generated/composite-actions/nymtech_nym.model.yml +++ b/ql/lib/ext/generated/composite-actions/nymtech_nym.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nymtech/nym", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/obsproject_obs-studio.model.yml b/ql/lib/ext/generated/composite-actions/obsproject_obs-studio.model.yml index ab112bb5ec0..01a552361ec 100644 --- a/ql/lib/ext/generated/composite-actions/obsproject_obs-studio.model.yml +++ b/ql/lib/ext/generated/composite-actions/obsproject_obs-studio.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["obsproject/obs-studio", "*", "input.failCondition", "code-injection", "generated"] - ["obsproject/obs-studio", "*", "input.checkGlob", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ocaml_dune.model.yml b/ql/lib/ext/generated/composite-actions/ocaml_dune.model.yml index 0d8ae4e102e..ab2e86ce868 100644 --- a/ql/lib/ext/generated/composite-actions/ocaml_dune.model.yml +++ b/ql/lib/ext/generated/composite-actions/ocaml_dune.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ocaml/dune", "*", "input.OCAML_COMPILER", "code-injection", "generated"] - ["ocaml/dune", "*", "input.DKML_COMPILER", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/oneflow-inc_oneflow.model.yml b/ql/lib/ext/generated/composite-actions/oneflow-inc_oneflow.model.yml index 44156ddd670..8d6dd73bfd9 100644 --- a/ql/lib/ext/generated/composite-actions/oneflow-inc_oneflow.model.yml +++ b/ql/lib/ext/generated/composite-actions/oneflow-inc_oneflow.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["oneflow-inc/oneflow", "*", "input.extra_flags", "code-injection", "generated"] - ["oneflow-inc/oneflow", "*", "input.python_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby-contrib.model.yml b/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby-contrib.model.yml index 693d456e4a5..a20cbb1e24d 100644 --- a/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby-contrib.model.yml +++ b/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby-contrib.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-ruby-contrib", "*", "input.gem", "code-injection", "generated"] - ["open-telemetry/opentelemetry-ruby-contrib", "*", "input.latest", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby.model.yml b/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby.model.yml index 5e3dffbb7f5..62785bef86b 100644 --- a/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby.model.yml +++ b/ql/lib/ext/generated/composite-actions/open-telemetry_opentelemetry-ruby.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-ruby", "*", "input.gem", "code-injection", "generated"] - ["open-telemetry/opentelemetry-ruby", "*", "input.ruby", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/open-watcom_open-watcom-v2.model.yml b/ql/lib/ext/generated/composite-actions/open-watcom_open-watcom-v2.model.yml index 5d782529f7f..9c10a54abc7 100644 --- a/ql/lib/ext/generated/composite-actions/open-watcom_open-watcom-v2.model.yml +++ b/ql/lib/ext/generated/composite-actions/open-watcom_open-watcom-v2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-watcom/open-watcom-v2", "*", "input.fullname", "code-injection", "generated"] - ["open-watcom/open-watcom-v2", "*", "input.buildcmd", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/openapitools_openapi-generator.model.yml b/ql/lib/ext/generated/composite-actions/openapitools_openapi-generator.model.yml index f7f845ac28f..4145ec19569 100644 --- a/ql/lib/ext/generated/composite-actions/openapitools_openapi-generator.model.yml +++ b/ql/lib/ext/generated/composite-actions/openapitools_openapi-generator.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openapitools/openapi-generator", "*", "input.args", "code-injection", "generated"] - ["openapitools/openapi-generator", "*", "input.name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/openjdk_jdk.model.yml b/ql/lib/ext/generated/composite-actions/openjdk_jdk.model.yml index a58f033cc38..5b63c9fec06 100644 --- a/ql/lib/ext/generated/composite-actions/openjdk_jdk.model.yml +++ b/ql/lib/ext/generated/composite-actions/openjdk_jdk.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openjdk/jdk", "*", "input.debug-suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/opensearch-project_opensearch-net.model.yml b/ql/lib/ext/generated/composite-actions/opensearch-project_opensearch-net.model.yml index aefece4bebd..f21389b08b0 100644 --- a/ql/lib/ext/generated/composite-actions/opensearch-project_opensearch-net.model.yml +++ b/ql/lib/ext/generated/composite-actions/opensearch-project_opensearch-net.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["opensearch-project/opensearch-net", "*", "input.version", "code-injection", "generated"] - ["opensearch-project/opensearch-net", "*", "input.build_script", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/opensearch-project_security.model.yml b/ql/lib/ext/generated/composite-actions/opensearch-project_security.model.yml index 5cbcfc01879..1a6f42c25f6 100644 --- a/ql/lib/ext/generated/composite-actions/opensearch-project_security.model.yml +++ b/ql/lib/ext/generated/composite-actions/opensearch-project_security.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["opensearch-project/security", "*", "input.plugin-branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/opentrons_opentrons.model.yml b/ql/lib/ext/generated/composite-actions/opentrons_opentrons.model.yml index 0712838a737..ea48b84310c 100644 --- a/ql/lib/ext/generated/composite-actions/opentrons_opentrons.model.yml +++ b/ql/lib/ext/generated/composite-actions/opentrons_opentrons.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["opentrons/opentrons", "*", "input.destPrefix", "code-injection", "generated"] - ["opentrons/opentrons", "*", "input.domain", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/openvinotoolkit_openvino.model.yml b/ql/lib/ext/generated/composite-actions/openvinotoolkit_openvino.model.yml index 5ab14ba453b..4e953d695f8 100644 --- a/ql/lib/ext/generated/composite-actions/openvinotoolkit_openvino.model.yml +++ b/ql/lib/ext/generated/composite-actions/openvinotoolkit_openvino.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openvinotoolkit/openvino", "*", "input.skip_when_only_listed_files_changed", "code-injection", "generated"] - ["openvinotoolkit/openvino", "*", "input.skip_when_only_listed_labels_set", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts-upgradeable.model.yml b/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts-upgradeable.model.yml index 564961fc600..32040ef84ea 100644 --- a/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts-upgradeable.model.yml +++ b/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts-upgradeable.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openzeppelin/openzeppelin-contracts-upgradeable", "*", "input.layout", "code-injection", "generated"] - ["openzeppelin/openzeppelin-contracts-upgradeable", "*", "input.out_layout", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts.model.yml b/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts.model.yml index 8876184a0c1..b258ea1ce2d 100644 --- a/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts.model.yml +++ b/ql/lib/ext/generated/composite-actions/openzeppelin_openzeppelin-contracts.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openzeppelin/openzeppelin-contracts", "*", "input.layout", "code-injection", "generated"] - ["openzeppelin/openzeppelin-contracts", "*", "input.out_layout", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/oppia_oppia.model.yml b/ql/lib/ext/generated/composite-actions/oppia_oppia.model.yml index 7a389e89e53..c0a51345ae6 100644 --- a/ql/lib/ext/generated/composite-actions/oppia_oppia.model.yml +++ b/ql/lib/ext/generated/composite-actions/oppia_oppia.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["oppia/oppia", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/oracle_graal.model.yml b/ql/lib/ext/generated/composite-actions/oracle_graal.model.yml index ca23beb6e04..f362cd1f72b 100644 --- a/ql/lib/ext/generated/composite-actions/oracle_graal.model.yml +++ b/ql/lib/ext/generated/composite-actions/oracle_graal.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["oracle/graal", "*", "input.components", "code-injection", "generated"] - ["oracle/graal", "*", "input.native-images", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/oracle_truffleruby.model.yml b/ql/lib/ext/generated/composite-actions/oracle_truffleruby.model.yml index 9ddc6606a6d..35474e6c68f 100644 --- a/ql/lib/ext/generated/composite-actions/oracle_truffleruby.model.yml +++ b/ql/lib/ext/generated/composite-actions/oracle_truffleruby.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["oracle/truffleruby", "*", "input.archive", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/orhun_git-cliff.model.yml b/ql/lib/ext/generated/composite-actions/orhun_git-cliff.model.yml index cd04e9c8b34..ce961ee6a75 100644 --- a/ql/lib/ext/generated/composite-actions/orhun_git-cliff.model.yml +++ b/ql/lib/ext/generated/composite-actions/orhun_git-cliff.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["orhun/git-cliff", "*", "input.command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/oven-sh_bun.model.yml b/ql/lib/ext/generated/composite-actions/oven-sh_bun.model.yml index d986c331226..9ad4bb30666 100644 --- a/ql/lib/ext/generated/composite-actions/oven-sh_bun.model.yml +++ b/ql/lib/ext/generated/composite-actions/oven-sh_bun.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["oven-sh/bun", "*", "input.download-url", "code-injection", "generated"] - ["oven-sh/bun", "*", "input.bun-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/owntracks_android.model.yml b/ql/lib/ext/generated/composite-actions/owntracks_android.model.yml index 9b30c6599c1..5fca46427e0 100644 --- a/ql/lib/ext/generated/composite-actions/owntracks_android.model.yml +++ b/ql/lib/ext/generated/composite-actions/owntracks_android.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["owntracks/android", "*", "input.name", "code-injection", "generated"] - ["owntracks/android", "*", "input.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/pandas-dev_pandas.model.yml b/ql/lib/ext/generated/composite-actions/pandas-dev_pandas.model.yml index 0089d9ca75d..9f0fecbe10b 100644 --- a/ql/lib/ext/generated/composite-actions/pandas-dev_pandas.model.yml +++ b/ql/lib/ext/generated/composite-actions/pandas-dev_pandas.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pandas-dev/pandas", "*", "input.meson_args", "code-injection", "generated"] - ["pandas-dev/pandas", "*", "input.editable", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/pardeike_harmony.model.yml b/ql/lib/ext/generated/composite-actions/pardeike_harmony.model.yml index d64d7c38a01..cadf01dbff1 100644 --- a/ql/lib/ext/generated/composite-actions/pardeike_harmony.model.yml +++ b/ql/lib/ext/generated/composite-actions/pardeike_harmony.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pardeike/harmony", "*", "input.architecture", "code-injection", "generated"] - ["pardeike/harmony", "*", "input.build_configuration", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/pennylaneai_pennylane.model.yml b/ql/lib/ext/generated/composite-actions/pennylaneai_pennylane.model.yml index 55a87e2df67..ec4fc1da053 100644 --- a/ql/lib/ext/generated/composite-actions/pennylaneai_pennylane.model.yml +++ b/ql/lib/ext/generated/composite-actions/pennylaneai_pennylane.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pennylaneai/pennylane", "*", "input.requirements_file", "code-injection", "generated"] - ["pennylaneai/pennylane", "*", "input.additional_pip_packages", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/phalcon_cphalcon.model.yml b/ql/lib/ext/generated/composite-actions/phalcon_cphalcon.model.yml index 158aafbd115..e6530a19d97 100644 --- a/ql/lib/ext/generated/composite-actions/phalcon_cphalcon.model.yml +++ b/ql/lib/ext/generated/composite-actions/phalcon_cphalcon.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["phalcon/cphalcon", "*", "input.target-name", "code-injection", "generated"] - ["phalcon/cphalcon", "*", "input.ext-path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/philosowaffle_peloton-to-garmin.model.yml b/ql/lib/ext/generated/composite-actions/philosowaffle_peloton-to-garmin.model.yml index ff12a54e97a..0bae4e91cde 100644 --- a/ql/lib/ext/generated/composite-actions/philosowaffle_peloton-to-garmin.model.yml +++ b/ql/lib/ext/generated/composite-actions/philosowaffle_peloton-to-garmin.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["philosowaffle/peloton-to-garmin", "*", "input.framework", "code-injection", "generated"] - ["philosowaffle/peloton-to-garmin", "*", "input.os", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["philosowaffle/peloton-to-garmin", "*", "input.os", "output.artifact_name", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/php_php-src.model.yml b/ql/lib/ext/generated/composite-actions/php_php-src.model.yml index 1a92afe11a4..0acb53ba1d3 100644 --- a/ql/lib/ext/generated/composite-actions/php_php-src.model.yml +++ b/ql/lib/ext/generated/composite-actions/php_php-src.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["php/php-src", "*", "input.jitType", "code-injection", "generated"] - ["php/php-src", "*", "input.runTestsParameters", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/phpdocumentor_phpdocumentor.model.yml b/ql/lib/ext/generated/composite-actions/phpdocumentor_phpdocumentor.model.yml index 38f2399b368..f1b755e796b 100644 --- a/ql/lib/ext/generated/composite-actions/phpdocumentor_phpdocumentor.model.yml +++ b/ql/lib/ext/generated/composite-actions/phpdocumentor_phpdocumentor.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["phpdocumentor/phpdocumentor", "*", "input.passphrase", "code-injection", "generated"] - ["phpdocumentor/phpdocumentor", "*", "input.secret-key", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/pinecone-io_pinecone-python-client.model.yml b/ql/lib/ext/generated/composite-actions/pinecone-io_pinecone-python-client.model.yml index 36e983b8039..7d1733d647a 100644 --- a/ql/lib/ext/generated/composite-actions/pinecone-io_pinecone-python-client.model.yml +++ b/ql/lib/ext/generated/composite-actions/pinecone-io_pinecone-python-client.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pinecone-io/pinecone-python-client", "*", "input.googleapis_common_protos_version", "code-injection", "generated"] - ["pinecone-io/pinecone-python-client", "*", "input.protobuf_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/pixijs_pixijs.model.yml b/ql/lib/ext/generated/composite-actions/pixijs_pixijs.model.yml index 006a53e8376..4bf33c9a343 100644 --- a/ql/lib/ext/generated/composite-actions/pixijs_pixijs.model.yml +++ b/ql/lib/ext/generated/composite-actions/pixijs_pixijs.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pixijs/pixijs", "*", "input.npm-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/posthog_posthog.model.yml b/ql/lib/ext/generated/composite-actions/posthog_posthog.model.yml index 5410cb3ff30..9ca004a7c15 100644 --- a/ql/lib/ext/generated/composite-actions/posthog_posthog.model.yml +++ b/ql/lib/ext/generated/composite-actions/posthog_posthog.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["posthog/posthog", "*", "input.group", "code-injection", "generated"] - ["posthog/posthog", "*", "input.concurrency", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/primer_react.model.yml b/ql/lib/ext/generated/composite-actions/primer_react.model.yml index 124b3cf2a5a..fc3870d89a8 100644 --- a/ql/lib/ext/generated/composite-actions/primer_react.model.yml +++ b/ql/lib/ext/generated/composite-actions/primer_react.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["primer/react", "*", "input.token", "code-injection", "generated"] - ["primer/react", "*", "input.schedule-id", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/project-chip_connectedhomeip.model.yml b/ql/lib/ext/generated/composite-actions/project-chip_connectedhomeip.model.yml index 8542583f3d9..1d621562771 100644 --- a/ql/lib/ext/generated/composite-actions/project-chip_connectedhomeip.model.yml +++ b/ql/lib/ext/generated/composite-actions/project-chip_connectedhomeip.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["project-chip/connectedhomeip", "*", "input.with", "code-injection", "generated"] - ["project-chip/connectedhomeip", "*", "input.action", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/projectnessie_nessie.model.yml b/ql/lib/ext/generated/composite-actions/projectnessie_nessie.model.yml index e85e58fb40a..f09b364127e 100644 --- a/ql/lib/ext/generated/composite-actions/projectnessie_nessie.model.yml +++ b/ql/lib/ext/generated/composite-actions/projectnessie_nessie.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["projectnessie/nessie", "*", "input.job-name", "code-injection", "generated"] - ["projectnessie/nessie", "*", "input.java-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/psf_black.model.yml b/ql/lib/ext/generated/composite-actions/psf_black.model.yml index d2005f3788a..56e7b814231 100644 --- a/ql/lib/ext/generated/composite-actions/psf_black.model.yml +++ b/ql/lib/ext/generated/composite-actions/psf_black.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["psf/black", "*", "input.summary", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/pyca_cryptography.model.yml b/ql/lib/ext/generated/composite-actions/pyca_cryptography.model.yml index 7340dfccdd0..9f953b32ab1 100644 --- a/ql/lib/ext/generated/composite-actions/pyca_cryptography.model.yml +++ b/ql/lib/ext/generated/composite-actions/pyca_cryptography.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pyca/cryptography", "*", "input.key", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/pyg-team_pytorch_geometric.model.yml b/ql/lib/ext/generated/composite-actions/pyg-team_pytorch_geometric.model.yml index 70022866bdd..257b77bc2c3 100644 --- a/ql/lib/ext/generated/composite-actions/pyg-team_pytorch_geometric.model.yml +++ b/ql/lib/ext/generated/composite-actions/pyg-team_pytorch_geometric.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pyg-team/pytorch/geometric", "*", "input.torchvision-version", "code-injection", "generated"] - ["pyg-team/pytorch/geometric", "*", "input.cuda-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/python-poetry_poetry.model.yml b/ql/lib/ext/generated/composite-actions/python-poetry_poetry.model.yml index f7bd43cbc1e..49f2f86907f 100644 --- a/ql/lib/ext/generated/composite-actions/python-poetry_poetry.model.yml +++ b/ql/lib/ext/generated/composite-actions/python-poetry_poetry.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["python-poetry/poetry", "*", "input.args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/python_mypy.model.yml b/ql/lib/ext/generated/composite-actions/python_mypy.model.yml index d85a35580b6..1e33c5e540a 100644 --- a/ql/lib/ext/generated/composite-actions/python_mypy.model.yml +++ b/ql/lib/ext/generated/composite-actions/python_mypy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["python/mypy", "*", "input.install_project_dependencies", "code-injection", "generated"] - ["python/mypy", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/quarto-dev_quarto-cli.model.yml b/ql/lib/ext/generated/composite-actions/quarto-dev_quarto-cli.model.yml index ee0b51c72b4..cfbf15549c4 100644 --- a/ql/lib/ext/generated/composite-actions/quarto-dev_quarto-cli.model.yml +++ b/ql/lib/ext/generated/composite-actions/quarto-dev_quarto-cli.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["quarto-dev/quarto-cli", "*", "input.keychain-pw", "code-injection", "generated"] - ["quarto-dev/quarto-cli", "*", "input.keychain", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/quay_clair.model.yml b/ql/lib/ext/generated/composite-actions/quay_clair.model.yml index 524a1f54ae4..24730af3d77 100644 --- a/ql/lib/ext/generated/composite-actions/quay_clair.model.yml +++ b/ql/lib/ext/generated/composite-actions/quay_clair.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["quay/clair", "*", "input.tag", "code-injection", "generated"] - ["quay/clair", "*", "input.repo", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/quickwit-oss_quickwit.model.yml b/ql/lib/ext/generated/composite-actions/quickwit-oss_quickwit.model.yml index 310f11ed160..6be5abd09dd 100644 --- a/ql/lib/ext/generated/composite-actions/quickwit-oss_quickwit.model.yml +++ b/ql/lib/ext/generated/composite-actions/quickwit-oss_quickwit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["quickwit-oss/quickwit", "*", "input.target", "code-injection", "generated"] - ["quickwit-oss/quickwit", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/r-lib_actions.model.yml b/ql/lib/ext/generated/composite-actions/r-lib_actions.model.yml index 441b824581c..145b6f0d0e3 100644 --- a/ql/lib/ext/generated/composite-actions/r-lib_actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/r-lib_actions.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["r-lib/actions", "*", "input.lockfile-create-lib", "code-injection", "generated"] - ["r-lib/actions", "*", "input.dependencies", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/randombit_botan.model.yml b/ql/lib/ext/generated/composite-actions/randombit_botan.model.yml index 19f9f7a03bb..c8b05bfd904 100644 --- a/ql/lib/ext/generated/composite-actions/randombit_botan.model.yml +++ b/ql/lib/ext/generated/composite-actions/randombit_botan.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["randombit/botan", "*", "input.target", "code-injection", "generated"] - ["randombit/botan", "*", "input.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/raspberrypi_documentation.model.yml b/ql/lib/ext/generated/composite-actions/raspberrypi_documentation.model.yml index 1ca71afacc7..04c218a76c1 100644 --- a/ql/lib/ext/generated/composite-actions/raspberrypi_documentation.model.yml +++ b/ql/lib/ext/generated/composite-actions/raspberrypi_documentation.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["raspberrypi/documentation", "*", "input.secondary_host", "code-injection", "generated"] - ["raspberrypi/documentation", "*", "input.destination", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/ray-project_kuberay.model.yml b/ql/lib/ext/generated/composite-actions/ray-project_kuberay.model.yml index 9f0ff2c86de..5447d4b7e2e 100644 --- a/ql/lib/ext/generated/composite-actions/ray-project_kuberay.model.yml +++ b/ql/lib/ext/generated/composite-actions/ray-project_kuberay.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ray-project/kuberay", "*", "input.ray_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/readthedocs_actions.model.yml b/ql/lib/ext/generated/composite-actions/readthedocs_actions.model.yml index abb6c432aef..825ce27511d 100644 --- a/ql/lib/ext/generated/composite-actions/readthedocs_actions.model.yml +++ b/ql/lib/ext/generated/composite-actions/readthedocs_actions.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["readthedocs/actions", "*", "input.single-version", "code-injection", "generated"] - ["readthedocs/actions", "*", "input.platform", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/reflex-dev_reflex.model.yml b/ql/lib/ext/generated/composite-actions/reflex-dev_reflex.model.yml index 6548880f59e..8f3e49c9768 100644 --- a/ql/lib/ext/generated/composite-actions/reflex-dev_reflex.model.yml +++ b/ql/lib/ext/generated/composite-actions/reflex-dev_reflex.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["reflex-dev/reflex", "*", "input.create-venv-at-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/renovatebot_renovate.model.yml b/ql/lib/ext/generated/composite-actions/renovatebot_renovate.model.yml index 5401d176051..1937367debc 100644 --- a/ql/lib/ext/generated/composite-actions/renovatebot_renovate.model.yml +++ b/ql/lib/ext/generated/composite-actions/renovatebot_renovate.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["renovatebot/renovate", "*", "input.node-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/rethinkdb_rethinkdb.model.yml b/ql/lib/ext/generated/composite-actions/rethinkdb_rethinkdb.model.yml index 70cf81f1b78..01b77b7ccc6 100644 --- a/ql/lib/ext/generated/composite-actions/rethinkdb_rethinkdb.model.yml +++ b/ql/lib/ext/generated/composite-actions/rethinkdb_rethinkdb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rethinkdb/rethinkdb", "*", "input.command", "code-injection", "generated"] - ["rethinkdb/rethinkdb", "*", "input.install_command", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/risc0_risc0.model.yml b/ql/lib/ext/generated/composite-actions/risc0_risc0.model.yml index eccccba83fe..edbd28d401b 100644 --- a/ql/lib/ext/generated/composite-actions/risc0_risc0.model.yml +++ b/ql/lib/ext/generated/composite-actions/risc0_risc0.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["risc0/risc0", "*", "input.key", "code-injection", "generated"] - ["risc0/risc0", "*", "input.components", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/rocketchat_rocket.chat.model.yml b/ql/lib/ext/generated/composite-actions/rocketchat_rocket.chat.model.yml index b7133aae304..4b31bd66c5a 100644 --- a/ql/lib/ext/generated/composite-actions/rocketchat_rocket.chat.model.yml +++ b/ql/lib/ext/generated/composite-actions/rocketchat_rocket.chat.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rocketchat/rocket.chat", "*", "input.build-containers", "code-injection", "generated"] - ["rocketchat/rocket.chat", "*", "input.release", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/rook_rook.model.yml b/ql/lib/ext/generated/composite-actions/rook_rook.model.yml index 26d7b448269..a186fa070b0 100644 --- a/ql/lib/ext/generated/composite-actions/rook_rook.model.yml +++ b/ql/lib/ext/generated/composite-actions/rook_rook.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rook/rook", "*", "input.use-tmate", "code-injection", "generated"] - ["rook/rook", "*", "input.kubernetes-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/roots_trellis.model.yml b/ql/lib/ext/generated/composite-actions/roots_trellis.model.yml index 7600cd4bdde..92ee2971e3a 100644 --- a/ql/lib/ext/generated/composite-actions/roots_trellis.model.yml +++ b/ql/lib/ext/generated/composite-actions/roots_trellis.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["roots/trellis", "*", "input.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/ruby_debug.model.yml b/ql/lib/ext/generated/composite-actions/ruby_debug.model.yml index dd79b0845dd..07b8e96bfe2 100644 --- a/ql/lib/ext/generated/composite-actions/ruby_debug.model.yml +++ b/ql/lib/ext/generated/composite-actions/ruby_debug.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ruby/debug", "*", "input.report-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/ruby_ruby.model.yml b/ql/lib/ext/generated/composite-actions/ruby_ruby.model.yml index 71bdd001458..2a2a5baab45 100644 --- a/ql/lib/ext/generated/composite-actions/ruby_ruby.model.yml +++ b/ql/lib/ext/generated/composite-actions/ruby_ruby.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ruby/ruby", "*", "input.builddir", "code-injection", "generated"] - ["ruby/ruby", "*", "input.srcdir", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/rusefi_rusefi.model.yml b/ql/lib/ext/generated/composite-actions/rusefi_rusefi.model.yml index 3b3262f93a9..274fab01e92 100644 --- a/ql/lib/ext/generated/composite-actions/rusefi_rusefi.model.yml +++ b/ql/lib/ext/generated/composite-actions/rusefi_rusefi.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rusefi/rusefi", "*", "input.RUSEFI_OBFUSCATED_PUBLIC_SSH_SERVER", "code-injection", "generated"] - ["rusefi/rusefi", "*", "input.RUSEFI_OBFUSCATED_PUBLIC_SSH_PASS", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/saltstack_salt.model.yml b/ql/lib/ext/generated/composite-actions/saltstack_salt.model.yml index b30d898dcc1..3671de9e58a 100644 --- a/ql/lib/ext/generated/composite-actions/saltstack_salt.model.yml +++ b/ql/lib/ext/generated/composite-actions/saltstack_salt.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["saltstack/salt", "*", "input.version", "code-injection", "generated"] - ["saltstack/salt", "*", "input.upload-chunk-size", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/saltstack_salt.yml b/ql/lib/ext/generated/composite-actions/saltstack_salt.yml index 963518a3478..2ef34dac8ba 100644 --- a/ql/lib/ext/generated/composite-actions/saltstack_salt.yml +++ b/ql/lib/ext/generated/composite-actions/saltstack_salt.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["saltstack/salt", "*", "input.version", "output.version", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/sap_sapmachine.model.yml b/ql/lib/ext/generated/composite-actions/sap_sapmachine.model.yml index 979a9aca5c2..d76f20031e7 100644 --- a/ql/lib/ext/generated/composite-actions/sap_sapmachine.model.yml +++ b/ql/lib/ext/generated/composite-actions/sap_sapmachine.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sap/sapmachine", "*", "input.debug-suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/scala-native_scala-native.model.yml b/ql/lib/ext/generated/composite-actions/scala-native_scala-native.model.yml index b180a319baa..eccb5dae2bd 100644 --- a/ql/lib/ext/generated/composite-actions/scala-native_scala-native.model.yml +++ b/ql/lib/ext/generated/composite-actions/scala-native_scala-native.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["scala-native/scala-native", "*", "input.llvm-version", "code-injection", "generated"] - ["scala-native/scala-native", "*", "input.scala-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/scitools_iris.model.yml b/ql/lib/ext/generated/composite-actions/scitools_iris.model.yml index fb5fa4d8e4e..3cbd3330ccd 100644 --- a/ql/lib/ext/generated/composite-actions/scitools_iris.model.yml +++ b/ql/lib/ext/generated/composite-actions/scitools_iris.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["scitools/iris", "*", "input.version", "code-injection", "generated"] - ["scitools/iris", "*", "input.install_packages", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/scylladb_scylla-operator.model.yml b/ql/lib/ext/generated/composite-actions/scylladb_scylla-operator.model.yml index cb9faef2bf6..73c9c1f24a2 100644 --- a/ql/lib/ext/generated/composite-actions/scylladb_scylla-operator.model.yml +++ b/ql/lib/ext/generated/composite-actions/scylladb_scylla-operator.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["scylladb/scylla-operator", "*", "input.containerImageName", "code-injection", "generated"] - ["scylladb/scylla-operator", "*", "input.githubToken", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/shader-slang_slang.model.yml b/ql/lib/ext/generated/composite-actions/shader-slang_slang.model.yml index e7eb6b732ff..90c4f699308 100644 --- a/ql/lib/ext/generated/composite-actions/shader-slang_slang.model.yml +++ b/ql/lib/ext/generated/composite-actions/shader-slang_slang.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shader-slang/slang", "*", "input.platform", "code-injection", "generated"] - ["shader-slang/slang", "*", "input.os", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/shaka-project_shaka-player.model.yml b/ql/lib/ext/generated/composite-actions/shaka-project_shaka-player.model.yml index a1b1a4b71e8..ed4e8820c99 100644 --- a/ql/lib/ext/generated/composite-actions/shaka-project_shaka-player.model.yml +++ b/ql/lib/ext/generated/composite-actions/shaka-project_shaka-player.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shaka-project/shaka-player", "*", "input.state", "code-injection", "generated"] - ["shaka-project/shaka-player", "*", "input.context", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/shakacode_react-webpack-rails-tutorial.model.yml b/ql/lib/ext/generated/composite-actions/shakacode_react-webpack-rails-tutorial.model.yml index 2463b4a1d16..df51b9fe4c8 100644 --- a/ql/lib/ext/generated/composite-actions/shakacode_react-webpack-rails-tutorial.model.yml +++ b/ql/lib/ext/generated/composite-actions/shakacode_react-webpack-rails-tutorial.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shakacode/react-webpack-rails-tutorial", "*", "input.org", "code-injection", "generated"] - ["shakacode/react-webpack-rails-tutorial", "*", "input.app_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/simple-icons_simple-icons.model.yml b/ql/lib/ext/generated/composite-actions/simple-icons_simple-icons.model.yml index 87e88b2c13d..8fca8591ceb 100644 --- a/ql/lib/ext/generated/composite-actions/simple-icons_simple-icons.model.yml +++ b/ql/lib/ext/generated/composite-actions/simple-icons_simple-icons.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["simple-icons/simple-icons", "*", "input.issue_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/slint-ui_slint.model.yml b/ql/lib/ext/generated/composite-actions/slint-ui_slint.model.yml index c0789d6e424..819728cf718 100644 --- a/ql/lib/ext/generated/composite-actions/slint-ui_slint.model.yml +++ b/ql/lib/ext/generated/composite-actions/slint-ui_slint.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["slint-ui/slint", "*", "input.extra-packages", "code-injection", "generated"] - ["slint-ui/slint", "*", "input.binary", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/solidusio_solidus.model.yml b/ql/lib/ext/generated/composite-actions/solidusio_solidus.model.yml index f617b9d172d..d3eaca780b4 100644 --- a/ql/lib/ext/generated/composite-actions/solidusio_solidus.model.yml +++ b/ql/lib/ext/generated/composite-actions/solidusio_solidus.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["solidusio/solidus", "*", "input.last_minor", "code-injection", "generated"] - ["solidusio/solidus", "*", "input.labels", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/solo-io_gloo.model.yml b/ql/lib/ext/generated/composite-actions/solo-io_gloo.model.yml index f30719d58d8..42c00ea216b 100644 --- a/ql/lib/ext/generated/composite-actions/solo-io_gloo.model.yml +++ b/ql/lib/ext/generated/composite-actions/solo-io_gloo.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["solo-io/gloo", "*", "input.base-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/sonarr_sonarr.model.yml b/ql/lib/ext/generated/composite-actions/sonarr_sonarr.model.yml index 84d5c96e63b..a93d6a039d4 100644 --- a/ql/lib/ext/generated/composite-actions/sonarr_sonarr.model.yml +++ b/ql/lib/ext/generated/composite-actions/sonarr_sonarr.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sonarr/sonarr", "*", "input.filter", "code-injection", "generated"] - ["sonarr/sonarr", "*", "input.binary_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/sonic-pi-net_sonic-pi.model.yml b/ql/lib/ext/generated/composite-actions/sonic-pi-net_sonic-pi.model.yml index d76ab136ab9..8a7784a6f01 100644 --- a/ql/lib/ext/generated/composite-actions/sonic-pi-net_sonic-pi.model.yml +++ b/ql/lib/ext/generated/composite-actions/sonic-pi-net_sonic-pi.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sonic-pi-net/sonic-pi", "*", "input.command", "code-injection", "generated"] - ["sonic-pi-net/sonic-pi", "*", "input.container-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/spacedriveapp_spacedrive.model.yml b/ql/lib/ext/generated/composite-actions/spacedriveapp_spacedrive.model.yml index 9e75660d1b3..1b22d43bfad 100644 --- a/ql/lib/ext/generated/composite-actions/spacedriveapp_spacedrive.model.yml +++ b/ql/lib/ext/generated/composite-actions/spacedriveapp_spacedrive.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spacedriveapp/spacedrive", "*", "input.setup-arg", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spockframework_spock.model.yml b/ql/lib/ext/generated/composite-actions/spockframework_spock.model.yml index 1cc6e837b84..7175dd9450b 100644 --- a/ql/lib/ext/generated/composite-actions/spockframework_spock.model.yml +++ b/ql/lib/ext/generated/composite-actions/spockframework_spock.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spockframework/spock", "*", "input.additional-java-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spring-io_initializr.model.yml b/ql/lib/ext/generated/composite-actions/spring-io_initializr.model.yml index b2e283c6983..dca0f00a4ec 100644 --- a/ql/lib/ext/generated/composite-actions/spring-io_initializr.model.yml +++ b/ql/lib/ext/generated/composite-actions/spring-io_initializr.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-io/initializr", "*", "input.run-name", "code-injection", "generated"] - ["spring-io/initializr", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spring-io_start.spring.io.model.yml b/ql/lib/ext/generated/composite-actions/spring-io_start.spring.io.model.yml index d08bdb5d6f4..5f75d4fd0cd 100644 --- a/ql/lib/ext/generated/composite-actions/spring-io_start.spring.io.model.yml +++ b/ql/lib/ext/generated/composite-actions/spring-io_start.spring.io.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-io/start.spring.io", "*", "input.run-name", "code-injection", "generated"] - ["spring-io/start.spring.io", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spring-projects_spring-boot.model.yml b/ql/lib/ext/generated/composite-actions/spring-projects_spring-boot.model.yml index 4532947bc48..d34a6a1a388 100644 --- a/ql/lib/ext/generated/composite-actions/spring-projects_spring-boot.model.yml +++ b/ql/lib/ext/generated/composite-actions/spring-projects_spring-boot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-projects/spring-boot", "*", "input.run-name", "code-injection", "generated"] - ["spring-projects/spring-boot", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spring-projects_spring-framework.model.yml b/ql/lib/ext/generated/composite-actions/spring-projects_spring-framework.model.yml index 518a27d9afc..b7c5f7e214c 100644 --- a/ql/lib/ext/generated/composite-actions/spring-projects_spring-framework.model.yml +++ b/ql/lib/ext/generated/composite-actions/spring-projects_spring-framework.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-projects/spring-framework", "*", "input.run-name", "code-injection", "generated"] - ["spring-projects/spring-framework", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/spring-projects_spring-graphql.model.yml b/ql/lib/ext/generated/composite-actions/spring-projects_spring-graphql.model.yml index bb21bcda68d..eead3b5ace3 100644 --- a/ql/lib/ext/generated/composite-actions/spring-projects_spring-graphql.model.yml +++ b/ql/lib/ext/generated/composite-actions/spring-projects_spring-graphql.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-projects/spring-graphql", "*", "input.run-name", "code-injection", "generated"] - ["spring-projects/spring-graphql", "*", "input.webhook-url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/square_workflow-kotlin.model.yml b/ql/lib/ext/generated/composite-actions/square_workflow-kotlin.model.yml index 5f81d9bd406..be7043cfdbf 100644 --- a/ql/lib/ext/generated/composite-actions/square_workflow-kotlin.model.yml +++ b/ql/lib/ext/generated/composite-actions/square_workflow-kotlin.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["square/workflow-kotlin", "*", "input.commit-message", "code-injection", "generated"] - ["square/workflow-kotlin", "*", "input.fix-task", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/stefanprodan_podinfo.model.yml b/ql/lib/ext/generated/composite-actions/stefanprodan_podinfo.model.yml index f8fe2344d0a..36bdef9ad9a 100644 --- a/ql/lib/ext/generated/composite-actions/stefanprodan_podinfo.model.yml +++ b/ql/lib/ext/generated/composite-actions/stefanprodan_podinfo.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["stefanprodan/podinfo", "*", "input.version", "code-injection", "generated"] - ["stefanprodan/podinfo", "*", "input.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/stellar_go.model.yml b/ql/lib/ext/generated/composite-actions/stellar_go.model.yml index 377e439049c..3d66b07df9f 100644 --- a/ql/lib/ext/generated/composite-actions/stellar_go.model.yml +++ b/ql/lib/ext/generated/composite-actions/stellar_go.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["stellar/go", "*", "input.go-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/streetsidesoftware_cspell.model.yml b/ql/lib/ext/generated/composite-actions/streetsidesoftware_cspell.model.yml index 70b2c362464..2f8a3fbdfa6 100644 --- a/ql/lib/ext/generated/composite-actions/streetsidesoftware_cspell.model.yml +++ b/ql/lib/ext/generated/composite-actions/streetsidesoftware_cspell.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["streetsidesoftware/cspell", "*", "input.name", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["streetsidesoftware/cspell", "*", "input.value", "output.value", "taint", "manual"] diff --git a/ql/lib/ext/generated/composite-actions/subquery_subql.model.yml b/ql/lib/ext/generated/composite-actions/subquery_subql.model.yml index 7f317ddad8e..e1acb54c724 100644 --- a/ql/lib/ext/generated/composite-actions/subquery_subql.model.yml +++ b/ql/lib/ext/generated/composite-actions/subquery_subql.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["subquery/subql", "*", "input.package-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/swagger-api_swagger-codegen.model.yml b/ql/lib/ext/generated/composite-actions/swagger-api_swagger-codegen.model.yml index b1a9ea20344..0a51c708799 100644 --- a/ql/lib/ext/generated/composite-actions/swagger-api_swagger-codegen.model.yml +++ b/ql/lib/ext/generated/composite-actions/swagger-api_swagger-codegen.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["swagger-api/swagger-codegen", "*", "input.options", "code-injection", "generated"] - ["swagger-api/swagger-codegen", "*", "input.spec-url", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/swagger-api_swagger-parser.model.yml b/ql/lib/ext/generated/composite-actions/swagger-api_swagger-parser.model.yml index 37e39efd243..0ee56c05777 100644 --- a/ql/lib/ext/generated/composite-actions/swagger-api_swagger-parser.model.yml +++ b/ql/lib/ext/generated/composite-actions/swagger-api_swagger-parser.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["swagger-api/swagger-parser", "*", "input.logsPath", "code-injection", "generated"] - ["swagger-api/swagger-parser", "*", "input.parserSpecPath", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/tarantool_tarantool.model.yml b/ql/lib/ext/generated/composite-actions/tarantool_tarantool.model.yml index 9569d47329f..f17216cf1e8 100644 --- a/ql/lib/ext/generated/composite-actions/tarantool_tarantool.model.yml +++ b/ql/lib/ext/generated/composite-actions/tarantool_tarantool.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tarantool/tarantool", "*", "input.source", "code-injection", "generated"] - ["tarantool/tarantool", "*", "input.chat-id", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/telepresenceio_telepresence.model.yml b/ql/lib/ext/generated/composite-actions/telepresenceio_telepresence.model.yml index 6cf5dd84fbd..551010c6634 100644 --- a/ql/lib/ext/generated/composite-actions/telepresenceio_telepresence.model.yml +++ b/ql/lib/ext/generated/composite-actions/telepresenceio_telepresence.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["telepresenceio/telepresence", "*", "input.release_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/tensorflow_datasets.model.yml b/ql/lib/ext/generated/composite-actions/tensorflow_datasets.model.yml index ce09307f8fb..bd64e336c17 100644 --- a/ql/lib/ext/generated/composite-actions/tensorflow_datasets.model.yml +++ b/ql/lib/ext/generated/composite-actions/tensorflow_datasets.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tensorflow/datasets", "*", "input.extras", "code-injection", "generated"] - ["tensorflow/datasets", "*", "input.tf-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/texstudio-org_texstudio.model.yml b/ql/lib/ext/generated/composite-actions/texstudio-org_texstudio.model.yml index 183319e32ff..7d545451867 100644 --- a/ql/lib/ext/generated/composite-actions/texstudio-org_texstudio.model.yml +++ b/ql/lib/ext/generated/composite-actions/texstudio-org_texstudio.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["texstudio-org/texstudio", "*", "input.file", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/toeverything_affine.model.yml b/ql/lib/ext/generated/composite-actions/toeverything_affine.model.yml index d8fb3f98b09..1ad4a2b824d 100644 --- a/ql/lib/ext/generated/composite-actions/toeverything_affine.model.yml +++ b/ql/lib/ext/generated/composite-actions/toeverything_affine.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["toeverything/affine", "*", "input.extra-flags", "code-injection", "generated"] - ["toeverything/affine", "*", "input.nmHoistingLimits", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/treeverse_lakefs.model.yml b/ql/lib/ext/generated/composite-actions/treeverse_lakefs.model.yml index c0c663e69f3..60381d41f16 100644 --- a/ql/lib/ext/generated/composite-actions/treeverse_lakefs.model.yml +++ b/ql/lib/ext/generated/composite-actions/treeverse_lakefs.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["treeverse/lakefs", "*", "input.compose-flags", "code-injection", "generated"] - ["treeverse/lakefs", "*", "input.compose-directory", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/trezor_trezor-firmware.model.yml b/ql/lib/ext/generated/composite-actions/trezor_trezor-firmware.model.yml index 35c0d80a115..ac61ed797d5 100644 --- a/ql/lib/ext/generated/composite-actions/trezor_trezor-firmware.model.yml +++ b/ql/lib/ext/generated/composite-actions/trezor_trezor-firmware.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["trezor/trezor-firmware", "*", "input.lang", "code-injection", "generated"] - ["trezor/trezor-firmware", "*", "input.model", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/tribler_tribler.model.yml b/ql/lib/ext/generated/composite-actions/tribler_tribler.model.yml index dc1dcff0b15..7eed41f755e 100644 --- a/ql/lib/ext/generated/composite-actions/tribler_tribler.model.yml +++ b/ql/lib/ext/generated/composite-actions/tribler_tribler.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tribler/tribler", "*", "input.libsodium-version", "code-injection", "generated"] - ["tribler/tribler", "*", "input.command", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/trunk-io_trunk-action.model.yml b/ql/lib/ext/generated/composite-actions/trunk-io_trunk-action.model.yml index 2da63c894fc..f977f6a5cce 100644 --- a/ql/lib/ext/generated/composite-actions/trunk-io_trunk-action.model.yml +++ b/ql/lib/ext/generated/composite-actions/trunk-io_trunk-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["trunk-io/trunk-action", "*", "input.tools", "code-injection", "generated"] - ["trunk-io/trunk-action", "*", "input.post-init", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/unidata_metpy.model.yml b/ql/lib/ext/generated/composite-actions/unidata_metpy.model.yml index 3dc87b3ed76..c4bacdc9c2c 100644 --- a/ql/lib/ext/generated/composite-actions/unidata_metpy.model.yml +++ b/ql/lib/ext/generated/composite-actions/unidata_metpy.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["unidata/metpy", "*", "input.key", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/unstructured-io_unstructured.model.yml b/ql/lib/ext/generated/composite-actions/unstructured-io_unstructured.model.yml index 94a140a9fe1..f4ee4920797 100644 --- a/ql/lib/ext/generated/composite-actions/unstructured-io_unstructured.model.yml +++ b/ql/lib/ext/generated/composite-actions/unstructured-io_unstructured.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["unstructured-io/unstructured", "*", "input.python-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/vercel_turbo.model.yml b/ql/lib/ext/generated/composite-actions/vercel_turbo.model.yml index d8f78274623..5fae95e5def 100644 --- a/ql/lib/ext/generated/composite-actions/vercel_turbo.model.yml +++ b/ql/lib/ext/generated/composite-actions/vercel_turbo.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vercel/turbo", "*", "input.extra-flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/vesoft-inc_nebula.model.yml b/ql/lib/ext/generated/composite-actions/vesoft-inc_nebula.model.yml index f539135bba0..4115d6c98f7 100644 --- a/ql/lib/ext/generated/composite-actions/vesoft-inc_nebula.model.yml +++ b/ql/lib/ext/generated/composite-actions/vesoft-inc_nebula.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vesoft-inc/nebula", "*", "input.target-path", "code-injection", "generated"] - ["vesoft-inc/nebula", "*", "input.bucket", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/vkcom_vkui.model.yml b/ql/lib/ext/generated/composite-actions/vkcom_vkui.model.yml index cc8a7f16492..536b37131c1 100644 --- a/ql/lib/ext/generated/composite-actions/vkcom_vkui.model.yml +++ b/ql/lib/ext/generated/composite-actions/vkcom_vkui.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vkcom/vkui", "*", "input.next_version", "code-injection", "generated"] - ["vkcom/vkui", "*", "input.package_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/vuetifyjs_vuetify.model.yml b/ql/lib/ext/generated/composite-actions/vuetifyjs_vuetify.model.yml index ec1ed14fed5..54f72118d87 100644 --- a/ql/lib/ext/generated/composite-actions/vuetifyjs_vuetify.model.yml +++ b/ql/lib/ext/generated/composite-actions/vuetifyjs_vuetify.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vuetifyjs/vuetify", "*", "input.name", "code-injection", "generated"] - ["vuetifyjs/vuetify", "*", "input.path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/wagoodman_dive.model.yml b/ql/lib/ext/generated/composite-actions/wagoodman_dive.model.yml index 18b37d3c658..bed9ae53110 100644 --- a/ql/lib/ext/generated/composite-actions/wagoodman_dive.model.yml +++ b/ql/lib/ext/generated/composite-actions/wagoodman_dive.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wagoodman/dive", "*", "input.bootstrap-apt-packages", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/walletconnect_walletconnectswiftv2.model.yml b/ql/lib/ext/generated/composite-actions/walletconnect_walletconnectswiftv2.model.yml index c1699ec6816..7e9f4e14e85 100644 --- a/ql/lib/ext/generated/composite-actions/walletconnect_walletconnectswiftv2.model.yml +++ b/ql/lib/ext/generated/composite-actions/walletconnect_walletconnectswiftv2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["walletconnect/walletconnectswiftv2", "*", "input.js-client-api-host", "code-injection", "generated"] - ["walletconnect/walletconnectswiftv2", "*", "input.project-id", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/wazuh_wazuh.model.yml b/ql/lib/ext/generated/composite-actions/wazuh_wazuh.model.yml index 0fe9b73b6de..3a16fc74bb6 100644 --- a/ql/lib/ext/generated/composite-actions/wazuh_wazuh.model.yml +++ b/ql/lib/ext/generated/composite-actions/wazuh_wazuh.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wazuh/wazuh", "*", "input.target", "code-injection", "generated"] - ["wazuh/wazuh", "*", "input.doxygen_config", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/web-infra-dev_rspack.model.yml b/ql/lib/ext/generated/composite-actions/web-infra-dev_rspack.model.yml index 27a5defa298..686f1013dd8 100644 --- a/ql/lib/ext/generated/composite-actions/web-infra-dev_rspack.model.yml +++ b/ql/lib/ext/generated/composite-actions/web-infra-dev_rspack.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["web-infra-dev/rspack", "*", "input.post", "code-injection", "generated"] - ["web-infra-dev/rspack", "*", "input.profile", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/webassembly_wabt.model.yml b/ql/lib/ext/generated/composite-actions/webassembly_wabt.model.yml index 05fd2667812..6a6cb61c174 100644 --- a/ql/lib/ext/generated/composite-actions/webassembly_wabt.model.yml +++ b/ql/lib/ext/generated/composite-actions/webassembly_wabt.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["webassembly/wabt", "*", "input.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/wntrblm_nox.model.yml b/ql/lib/ext/generated/composite-actions/wntrblm_nox.model.yml index 5a91e3cd32f..513cd4d7644 100644 --- a/ql/lib/ext/generated/composite-actions/wntrblm_nox.model.yml +++ b/ql/lib/ext/generated/composite-actions/wntrblm_nox.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wntrblm/nox", "*", "input.python-versions", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/xrplf_rippled.model.yml b/ql/lib/ext/generated/composite-actions/xrplf_rippled.model.yml index bb632423a1c..2855a6d4e01 100644 --- a/ql/lib/ext/generated/composite-actions/xrplf_rippled.model.yml +++ b/ql/lib/ext/generated/composite-actions/xrplf_rippled.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["xrplf/rippled", "*", "input.configuration", "code-injection", "generated"] - ["xrplf/rippled", "*", "input.cmake-target", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/composite-actions/zcash_zcash.model.yml b/ql/lib/ext/generated/composite-actions/zcash_zcash.model.yml index dca76acdc27..78a2cc4e0ce 100644 --- a/ql/lib/ext/generated/composite-actions/zcash_zcash.model.yml +++ b/ql/lib/ext/generated/composite-actions/zcash_zcash.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zcash/zcash", "*", "input.destination", "code-injection", "generated"] - ["zcash/zcash", "*", "input.remove-first-if-exists", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/zenml-io_zenml.model.yml b/ql/lib/ext/generated/composite-actions/zenml-io_zenml.model.yml index c0e357715de..8db73d2fc77 100644 --- a/ql/lib/ext/generated/composite-actions/zenml-io_zenml.model.yml +++ b/ql/lib/ext/generated/composite-actions/zenml-io_zenml.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zenml-io/zenml", "*", "input.install_integrations", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/composite-actions/zeroc-ice_ice.model.yml b/ql/lib/ext/generated/composite-actions/zeroc-ice_ice.model.yml index 2bc23972e78..8b0deda070d 100644 --- a/ql/lib/ext/generated/composite-actions/zeroc-ice_ice.model.yml +++ b/ql/lib/ext/generated/composite-actions/zeroc-ice_ice.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zeroc-ice/ice", "*", "input.flags", "code-injection", "generated"] - ["zeroc-ice/ice", "*", "input.make_flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml b/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml index 740bfd26d69..3f7a7e7fda8 100644 --- a/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/0xpolygon_polygon-edge.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["0xpolygon/polygon-edge/.github/workflows/loadtest.yml", "*", "input.scenario", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml b/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml index f3bfa556ee5..9746a118691 100644 --- a/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/8vim_8vim.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["8vim/8vim/.github/workflows/publish.yaml", "*", "input.version_code", "code-injection", "generated"] - ["8vim/8vim/.github/workflows/publish.yaml", "*", "input.version_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml b/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml index f8c4e3c68be..6208645b1b7 100644 --- a/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/actions_reusable-workflows.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "input.base-pr-branch", "code-injection", "generated"] - ["actions/reusable-workflows/.github/workflows/update-config-files.yml", "*", "input.head-pr-branch", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml b/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml index 793136cc3d3..e66e7326701 100644 --- a/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/adap_flower.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["adap/flower/.github/workflows/_docker-build.yml", "*", "input.namespace-repository", "code-injection", "generated"] - ["adap/flower/.github/workflows/_docker-build.yml", "*", "input.file-dir", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml b/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml index e46601a7bff..471ce3a672a 100644 --- a/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/aio-libs_multidict.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aio-libs/multidict/.github/workflows/reusable-build-wheel.yml", "*", "input.wheel-tags-to-skip", "code-injection", "generated"] - ["aio-libs/multidict/.github/workflows/reusable-build-wheel.yml", "*", "input.qemu", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml b/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml index 558ff908edf..1af30be9f35 100644 --- a/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/aio-libs_yarl.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aio-libs/yarl/.github/workflows/reusable-build-wheel.yml", "*", "input.wheel-tags-to-skip", "code-injection", "generated"] - ["aio-libs/yarl/.github/workflows/reusable-build-wheel.yml", "*", "input.qemu", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml b/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml index a477e289d9e..ee3d9d0a8ef 100644 --- a/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/airbytehq_airbyte.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["airbytehq/airbyte/.github/workflows/connector-performance-command.yml", "*", "input.connector", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml index a72ace81445..493594e3b81 100644 --- a/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_collections.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["alphagov/collections/.github/workflows/pact-verify.yml", "*", "input.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml index 26c0794a19c..a437581ba83 100644 --- a/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_frontend.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["alphagov/frontend/.github/workflows/pact-verify.yml", "*", "input.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml b/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml index 5ad39d5e184..489e005cc0e 100644 --- a/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/alphagov_publishing-api.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["alphagov/publishing-api/.github/workflows/pact-verify.yml", "*", "input.pact_artifact_file_to_verify", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml index 3c790f81d74..3a0e723e9f7 100644 --- a/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/apache_druid.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/druid/.github/workflows/reusable-unit-tests.yml", "*", "input.module", "code-injection", "generated"] - ["apache/druid/.github/workflows/reusable-unit-tests.yml", "*", "input.jdk", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml index 50fdcfd5a2d..893be8a2725 100644 --- a/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/apache_flink.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/flink/.github/workflows/template.flink-ci.yml", "*", "input.environment", "code-injection", "generated"] - ["apache/flink/.github/workflows/template.flink-ci.yml", "*", "input.workflow-caller-id", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml b/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml index 6363564503c..75877fa48aa 100644 --- a/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/apache_spark.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["apache/spark/.github/workflows/build_and_test.yml", "*", "input.branch", "code-injection", "generated"] - ["apache/spark/.github/workflows/build_and_test.yml", "*", "input.jobs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml b/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml index fce736676fe..489e6134eba 100644 --- a/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/argilla-io_argilla.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["argilla-io/argilla/.github/workflows/run-python-tests.yml", "*", "input.pytestArgs", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml index 593322a739e..4feef931f71 100644 --- a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-cd.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["argoproj/argo-cd/.github/workflows/image-reuse.yaml", "*", "input.docker_image_name", "code-injection", "generated"] - ["argoproj/argo-cd/.github/workflows/image-reuse.yaml", "*", "input.ghcr_image_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml index b3984a7ab83..189cd8bbafd 100644 --- a/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/argoproj_argo-rollouts.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["argoproj/argo-rollouts/.github/workflows/image-reuse.yaml", "*", "input.docker_image_name", "code-injection", "generated"] - ["argoproj/argo-rollouts/.github/workflows/image-reuse.yaml", "*", "input.ghcr_image_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml b/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml index a6f1bd4569d..418694a596d 100644 --- a/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/aws-amplify_amplify-ui.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["aws-amplify/amplify-ui/.github/workflows/reusable-tagged-publish.yml", "*", "input.dist-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml b/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml index b661a1fa26a..10c4f8a3e3c 100644 --- a/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/azure_apiops.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["azure/apiops/tools/github_workflows/run-publisher-with-env.yaml", "*", "input.API_MANAGEMENT_SERVICE_OUTPUT_FOLDER_PATH", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml b/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml index 0f58971041d..1837a505499 100644 --- a/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/azure_mlops-templates.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["azure/mlops-templates/.github/workflows/tf-gha-install-terraform.yml", "*", "input.terraform_workingdir", "code-injection", "generated"] - ["azure/mlops-templates/.github/workflows/run-pipeline.yml", "*", "input.parameters-file", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml index f12a337d71d..094e4602e8e 100644 --- a/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_avocaddo-cmw.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "input.git-user-email", "code-injection", "generated"] - ["bbq-beets/avocaddo-cmw/.github/workflows/mobile-ci-cd.yml", "*", "input.git-user-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml index 76796b4ae38..ec264f96bf1 100644 --- a/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_mobile-ci-cd.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "input.git-user-email", "code-injection", "generated"] - ["bbq-beets/mobile-ci-cd/.github/workflows/mobile-ci-cd.yml", "*", "input.git-user-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml b/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml index 8cc08edff5d..7463396b152 100644 --- a/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bbq-beets_yujincat-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bbq-beets/yujincat-action/.github/workflows/test-referInputs.yml", "*", "input.shell", "code-injection", "generated"] - ["bbq-beets/yujincat-action/.github/workflows/test-referInputs.yml", "*", "input.environment", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml b/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml index c2963eb76f4..4c52a10d4f1 100644 --- a/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bdunderscore_modular-avatar.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bdunderscore/modular-avatar/.github/workflows/build-test-docs.yml", "*", "input.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml b/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml index 66aea90b41a..a6c5a8b8e3b 100644 --- a/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/benc-uk_workflow-dispatch.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["benc-uk/workflow-dispatch/.github/workflows/echo-3.yaml", "*", "input.message", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml b/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml index 49ed7bca899..286e75fc9e2 100644 --- a/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bridgecrewio_checkov.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bridgecrewio/checkov/tests/github_actions/resources/.github/workflows/docker-slsa.yaml", "*", "input.REGISTRY", "code-injection", "generated"] - ["bridgecrewio/checkov/tests/github_actions/resources/.github/workflows/docker-slsa.yaml", "*", "input.IMAGE_NAME", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml b/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml index fd0a2d9110a..9ea5a9a34c7 100644 --- a/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bugsnag_bugsnag-ruby.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bugsnag/bugsnag-ruby/.github/workflows/run-maze-runner.yml", "*", "input.features", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml b/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml index 1a3bdd1b380..34e41e9c589 100644 --- a/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/bytecodealliance_wasm-micro-runtime.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["bytecodealliance/wasm-micro-runtime/.github/workflows/reuse_latest_release_binaries.yml", "*", "input.the_path", "code-injection", "generated"] - ["bytecodealliance/wasm-micro-runtime/.github/workflows/reuse_latest_release_binaries.yml", "*", "input.last_commit", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml b/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml index 6185f9d03d0..cc38156973b 100644 --- a/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/celo-org_celo-blockchain.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["celo-org/celo-blockchain/.github/workflows/add-docker-tag.yaml", "*", "input.destination-tag", "code-injection", "generated"] - ["celo-org/celo-blockchain/.github/workflows/add-docker-tag.yaml", "*", "input.origin-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml b/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml index 273bbc69540..748287e75f8 100644 --- a/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cemu-project_cemu.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cemu-project/cemu/.github/workflows/build.yml", "*", "input.experimentalversion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml b/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml index 3aac3af3cae..703a138d28d 100644 --- a/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cesiumgs_cesium-unreal.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cesiumgs/cesium-unreal/.github/workflows/testWindows.yml", "*", "input.unreal-program-name", "code-injection", "generated"] - ["cesiumgs/cesium-unreal/.github/workflows/testWindows.yml", "*", "input.test-package-base-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml b/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml index 9887b8e5f3a..97f1bafd1f3 100644 --- a/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cgal_cgal.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cgal/cgal/.github/workflows/send_email.yml", "*", "input.message", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml b/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml index 4c6379fd94b..064c946363f 100644 --- a/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/checkstyle_checkstyle.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["checkstyle/checkstyle/.github/workflows/release-upload-all-jar.yml", "*", "input.version", "code-injection", "generated"] - ["checkstyle/checkstyle/.github/workflows/release-update-xdoc-with-releasenotes.yml", "*", "input.version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml b/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml index 35738fe6c0f..4a5c66bc744 100644 --- a/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/chia-network_actions.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chia-network/actions/.github/workflows/docker-build.yaml", "*", "input.docker-context", "code-injection", "generated"] - ["chia-network/actions/.github/workflows/docker-build.yaml", "*", "input.image_subpath", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml b/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml index 77db768cf32..a1e4b624b45 100644 --- a/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/chipsalliance_chisel.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["chipsalliance/chisel/.github/workflows/test.yml", "*", "input.scala", "code-injection", "generated"] - ["chipsalliance/chisel/.github/workflows/test.yml", "*", "input.circt", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml b/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml index 509de954646..888aed947da 100644 --- a/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/clickhouse_clickhouse.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "input.test_name", "code-injection", "generated"] - ["clickhouse/clickhouse/.github/workflows/reusable_test.yml", "*", "input.run_command", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml index 6e0e2865e83..3b5f69e9342 100644 --- a/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cloudfoundry_cli.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cloudfoundry/cli/.github/workflows/tests-integration-reusable.yml", "*", "input.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml b/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml index 69667ce10b1..8e28b46f2c7 100644 --- a/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["cloudposse/github-action-matrix-outputs-write/.github/workflows/setup-test.yml", "*", "input.matrix-key", "output.result", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml b/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml index 175012c10c9..7f63b48ed84 100644 --- a/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cocotb_cocotb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cocotb/cocotb/.github/workflows/regression-tests.yml", "*", "input.nox_session_test_sim", "code-injection", "generated"] - ["cocotb/cocotb/.github/workflows/regression-tests.yml", "*", "input.nox_session_test_nosim", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml b/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml index 84a834d9a1f..e7e42031e04 100644 --- a/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/codeigniter4_codeigniter4.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["codeigniter4/codeigniter4/.github/workflows/reusable-serviceless-phpunit-test.yml", "*", "input.extra-composer-options", "code-injection", "generated"] - ["codeigniter4/codeigniter4/.github/workflows/reusable-serviceless-phpunit-test.yml", "*", "input.php-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml b/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml index 2946a78cf83..0c34609ccef 100644 --- a/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/com-lihaoyi_mill.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["com-lihaoyi/mill/.github/workflows/run-mill-action.yml", "*", "input.millargs", "code-injection", "generated"] - ["com-lihaoyi/mill/.github/workflows/run-mill-action.yml", "*", "input.buildcmd", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml b/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml index 7ce68d84ca5..82de946e406 100644 --- a/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cosmos_ibc-go.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "input.upgrade-plan-name", "code-injection", "generated"] - ["cosmos/ibc-go/.github/workflows/e2e-test-workflow-call.yml", "*", "input.chain-upgrade-tag", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml b/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml index 8e3b9ccc0f8..09c4c2a83c3 100644 --- a/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/crowdsecurity_crowdsec.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["crowdsecurity/crowdsec/.github/workflows/publish-docker.yml", "*", "input.latest", "code-injection", "generated"] - ["crowdsecurity/crowdsec/.github/workflows/publish-docker.yml", "*", "input.image_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml b/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml index f41e2ee1246..0e4571fc728 100644 --- a/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/cryptomator_cryptomator.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["cryptomator/cryptomator/.github/workflows/get-version.yml", "*", "input.version", "code-injection", "generated"] - ["cryptomator/cryptomator/.github/workflows/av-whitelist.yml", "*", "input.url", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml b/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml index c643a6a9fe0..6a03acfb11d 100644 --- a/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/daeuniverse_dae.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["daeuniverse/dae/.github/workflows/seed-build.yml", "*", "input.pr-number", "code-injection", "generated"] - ["daeuniverse/dae/.github/workflows/seed-build.yml", "*", "input.build-type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml b/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml index 9aad213b1df..f41ee1211d3 100644 --- a/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dafny-lang_dafny.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dafny-lang/dafny/.github/workflows/publish-release-reusable.yml", "*", "input.name", "code-injection", "generated"] - ["dafny-lang/dafny/.github/workflows/publish-release-reusable.yml", "*", "input.tag_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml b/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml index 1906ef45379..8a64c0ce5f1 100644 --- a/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dagger_dagger.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dagger/dagger/.github/workflows/_hack_make.yml", "*", "input.mage-targets", "code-injection", "generated"] - ["dagger/dagger/.github/workflows/_hack_make.yml", "*", "input.dev-engine", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml b/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml index f5ce50243f7..18e66bf7291 100644 --- a/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dash-industry-forum_dash.js.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dash-industry-forum/dash.js/.github/workflows/deploy.yml", "*", "input.deploy_path", "code-injection", "generated"] - ["dash-industry-forum/dash.js/.github/workflows/deploy.yml", "*", "input.envname", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml index 58c30f3cd02..1ed7561a533 100644 --- a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-go.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datadog/dd-trace-go/.github/workflows/smoke-tests.yml", "*", "input.go-libddwaf-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml index d6c0ced50a6..738fde2cb86 100644 --- a/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/datadog_dd-trace-py.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datadog/dd-trace-py/.github/workflows/lib-inject-publish.yml", "*", "input.ddtrace-version", "code-injection", "generated"] - ["datadog/dd-trace-py/.github/workflows/build-and-publish-image.yml", "*", "input.context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml b/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml index fdcb8775dad..c61a63f1144 100644 --- a/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/datafuselabs_databend.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["datafuselabs/databend/.github/workflows/reuse.benchmark.yml", "*", "input.run_id", "code-injection", "generated"] - ["datafuselabs/databend/.github/workflows/reuse.benchmark.yml", "*", "input.source_id", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml index 66889d2cf42..fef036f4f29 100644 --- a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-bigquery.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "input.s3_bucket_name", "code-injection", "generated"] - ["dbt-labs/dbt-bigquery/.github/workflows/release.yml", "*", "input.build_script_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml index e5c5cfeabd3..b13ba8bc40f 100644 --- a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-core.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "input.nightly_release", "code-injection", "generated"] - ["dbt-labs/dbt-core/.github/workflows/release.yml", "*", "input.test_run", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml index 4dc3fc2bc98..3fb2fefff6b 100644 --- a/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dbt-labs_dbt-snowflake.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "input.s3_bucket_name", "code-injection", "generated"] - ["dbt-labs/dbt-snowflake/.github/workflows/release.yml", "*", "input.build_script_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml b/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml index 52c4b4c7a24..4344e254be0 100644 --- a/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/decidim_decidim.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["decidim/decidim/.github/workflows/test_app.yml", "*", "input.test_command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml b/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml index 038f92a5317..2a7c5feafea 100644 --- a/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/defectdojo_django-defectdojo.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["defectdojo/django-defectdojo/.github/workflows/release-x-manual-helm-chart.yml", "*", "input.release_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml b/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml index 6fab83acf59..9ccb41c3a8c 100644 --- a/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dependencytrack_dependency-track.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dependencytrack/dependency-track/.github/workflows/_meta-build.yaml", "*", "input.app-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml b/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml index 238856cc7b9..b71e6c001d0 100644 --- a/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/devexpress_testcafe.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["devexpress/testcafe/.github/workflows/test-server.yml", "*", "input.test-script", "code-injection", "generated"] - ["devexpress/testcafe/.github/workflows/test-functional.yml", "*", "input.test-script", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml b/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml index 71b584f5427..ff0695c0ef2 100644 --- a/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dfhack_dfhack.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dfhack/dfhack/.github/workflows/build-windows.yml", "*", "input.artifact-name", "code-injection", "generated"] - ["dfhack/dfhack/.github/workflows/build-windows.yml", "*", "input.append-date-and-hash", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml b/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml index 1aa15482887..9576ce3892a 100644 --- a/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/docker_build-push-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["docker/build-push-action/.github/workflows/.e2e-run.yml", "*", "input.id", "code-injection", "generated"] - ["docker/build-push-action/.github/workflows/.e2e-run.yml", "*", "input.type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml b/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml index 89dd705f590..b78d6118411 100644 --- a/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/dragonwell-project_dragonwell11.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["dragonwell-project/dragonwell11/.github/workflows/test.yml", "*", "input.platform", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml b/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml index eb57c708bf5..cbe56806056 100644 --- a/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/earthly_earthly.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "input.BINARY", "code-injection", "generated"] - ["earthly/earthly/.github/workflows/reusable-wait-block-target.yml", "*", "input.SUDO", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml index 048a753c553..391bbc6aacb 100644 --- a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vert.x.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["eclipse-vertx/vert.x/.github/workflows/ci.yml", "*", "input.profile", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml index 739f6a546b2..f8b490726da 100644 --- a/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/eclipse-vertx_vertx-sql-client.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["eclipse-vertx/vertx-sql-client/.github/workflows/ci.yml", "*", "input.profile", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml b/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml index f6c2769caaf..889499eea3d 100644 --- a/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/elastic_elasticsearch-net.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["elastic/elasticsearch-net/.github/workflows/release.yml", "*", "input.solution", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml b/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml index 4d104c74c66..2dce19050ed 100644 --- a/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["element-hq/element-desktop/.github/workflows/build_windows.yaml", "*", "input.version", "code-injection", "generated"] - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "input.config", "code-injection", "generated"] @@ -11,6 +11,6 @@ extensions: - ["element-hq/element-desktop/.github/workflows/build_linux.yaml", "*", "input.version", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "input.deploy", "output.deploy", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml b/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml index 2a9e2f9fd1a..c80f8e732b6 100644 --- a/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["envoyproxy/envoy/.github/workflows/_load.yml", "*", "input.run-id", "output.run-id", "taint", "manual"] - ["envoyproxy/envoy/.github/workflows/_load.yml", "*", "input.check-name", "output.check-name", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml b/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml index 9f56abf2858..b85a11d81f2 100644 --- a/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/etcd-io_bbolt.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["etcd-io/bbolt/.github/workflows/robustness_template.yaml", "*", "input.testTimeout", "code-injection", "generated"] - ["etcd-io/bbolt/.github/workflows/robustness_template.yaml", "*", "input.count", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml b/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml index 8c73342d5fe..f8102400cc7 100644 --- a/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/etcd-io_etcd.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["etcd-io/etcd/.github/workflows/tests-template.yaml", "*", "input.arch", "code-injection", "generated"] - ["etcd-io/etcd/.github/workflows/robustness-template.yaml", "*", "input.scenario", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml b/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml index 87253d88224..1af7b832203 100644 --- a/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/eventstore_eventstore.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["eventstore/eventstore/.github/workflows/build-reusable.yml", "*", "input.arch", "code-injection", "generated"] - ["eventstore/eventstore/.github/workflows/build-container-reusable.yml", "*", "input.container-runtime", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml b/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml index 9eb4c17cd3a..c0688a4a5e0 100644 --- a/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/expensify_app.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["expensify/app/.github/workflows/e2ePerformanceTests.yml", "*", "input.PR_NUMBER", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml b/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml index 860dcdcb43d..4e91308a004 100644 --- a/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/external-secrets_external-secrets.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["external-secrets/external-secrets/.github/workflows/publish.yml", "*", "input.image-tag", "code-injection", "generated"] - ["external-secrets/external-secrets/.github/workflows/publish.yml", "*", "input.tag-suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml b/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml index 539edcd5891..bc42c619599 100644 --- a/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/facebook_create-react-app.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebook/create-react-app/.github/workflows/e2e-base.yml", "*", "input.testScript", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml b/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml index b1b37d967e9..68925b294bb 100644 --- a/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/facebookresearch_xformers.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "input.aws_s3_cp_extra_args", "code-injection", "generated"] - ["facebookresearch/xformers/.github/workflows/wheels_upload_s3.yml", "*", "input.s3_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml b/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml index 51691edc1f9..c3ff42ed604 100644 --- a/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/falcosecurity_falco.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["falcosecurity/falco/.github/workflows/reusable_build_packages.yaml", "*", "input.build_type", "code-injection", "generated"] - ["falcosecurity/falco/.github/workflows/reusable_build_packages.yaml", "*", "input.version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml b/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml index 3a14f6a879d..964436f33ca 100644 --- a/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/fastify_fastify.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["fastify/fastify/.github/workflows/citgm-package.yml", "*", "input.package", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml b/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml index c7f84e83db5..995940550e1 100644 --- a/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/ferretdb_ferretdb.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ferretdb/ferretdb/.github/workflows/_integration.yml", "*", "input.task", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml b/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml index 72383be71ca..93653f07819 100644 --- a/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/filecoin-project_venus.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["filecoin-project/venus/.github/workflows/common_go.yml", "*", "input.test_timeout", "code-injection", "generated"] - ["filecoin-project/venus/.github/workflows/common_go.yml", "*", "input.log_level", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml b/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml index 8b05adf053e..961070778cf 100644 --- a/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/firebase_firebase-unity-sdk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "input.triggered_by_callable", "code-injection", "generated"] - ["firebase/firebase-unity-sdk/.github/workflows/update_versions.yml", "*", "input.package_version_number", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml b/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml index 9eec959ade3..9f1cc82523c 100644 --- a/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/flarum_framework.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["flarum/framework/.github/workflows/REUSABLE_backend.yml", "*", "input.monorepo_tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml b/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml index 835301ecc73..68babc09b6a 100644 --- a/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/fluent_fluent-bit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["fluent/fluent-bit/.github/workflows/call-windows-unit-tests.yaml", "*", "input.unstable", "code-injection", "generated"] - ["fluent/fluent-bit/lib/wasm-micro-runtime-WAMR-1.3.0/.github/workflows/reuse_latest_release_binaries.yml", "*", "input.the_path", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml b/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml index 9a99588239e..f4271e5424b 100644 --- a/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/flux-iac_tofu-controller.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["flux-iac/tofu-controller/.github/workflows/targeted-test.yaml", "*", "input.pattern", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml b/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml index 12c370b33ad..f20f7997d3c 100644 --- a/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/flyteorg_flyte.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["flyteorg/flyte/.github/workflows/publish.yml", "*", "input.before-build", "code-injection", "generated"] - ["flyteorg/flyte/.github/workflows/integration.yml", "*", "input.component", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml b/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml index 0e03216fc69..da5617fd144 100644 --- a/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/foundatiofx_foundatio.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["foundatiofx/foundatio/.github/workflows/build-workflow.yml", "*", "input.org", "code-injection", "generated"] - ["foundatiofx/foundatio/.github/workflows/build-workflow.yml", "*", "input.solution", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml b/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml index 081378c9617..78821b4dad3 100644 --- a/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/freecad_freecad.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["freecad/freecad/.github/workflows/sub_wrapup.yml", "*", "input.previousSteps", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml b/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml index fcd9c292901..f0c9290ca22 100644 --- a/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/getpelican_pelican.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["getpelican/pelican/.github/workflows/github_pages.yml", "*", "input.output-path", "code-injection", "generated"] - ["getpelican/pelican/.github/workflows/github_pages.yml", "*", "input.settings", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml b/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml index 19822c29fcd..21d23698931 100644 --- a/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/getporter_porter.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["getporter/porter/.github/workflows/build_pipelinesrelease_template.yml", "*", "input.registry", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml index d0ccde698b1..ac38cac602d 100644 --- a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-dart.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["getsentry/sentry-dart/.github/workflows/analyze.yml", "*", "input.panaThreshold", "code-injection", "generated"] - ["getsentry/sentry-dart/.github/workflows/analyze.yml", "*", "input.sdk", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml index 027da83e922..a9f87db955e 100644 --- a/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/getsentry_sentry-unity.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["getsentry/sentry-unity/.github/workflows/sdk.yml", "*", "input.target", "code-injection", "generated"] - ["getsentry/sentry-unity/.github/workflows/android-smoke-test.yml", "*", "input.api-level", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml b/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml index a914aa631c3..99c706b0c28 100644 --- a/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/gitpod-io_gitpod.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gitpod-io/gitpod/.github/workflows/jetbrains-auto-update-template.yml", "*", "input.productId", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml b/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml index d0fe6b0eff5..f8d0172d684 100644 --- a/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/gittools_gitversion.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gittools/gitversion/.github/workflows/_artifacts_linux.yml", "*", "input.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml index 3d3a4de2946..5afda471f8b 100644 --- a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_magic-modules.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googlecloudplatform/magic-modules/.github/workflows/build-downstream.yml", "*", "input.repo", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml index 4c58af6969d..4e5ca50ccec 100644 --- a/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/googlecloudplatform_nodejs-docs-samples.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["googlecloudplatform/nodejs-docs-samples/.github/workflows/test.yaml", "*", "input.path", "code-injection", "generated"] - ["googlecloudplatform/nodejs-docs-samples/.github/workflows/test.yaml", "*", "input.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml b/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml index 8629f279891..02801615bd5 100644 --- a/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/gravitational_teleport.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gravitational/teleport/.github/workflows/update-ami-ids.yaml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml b/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml index 4a6bbd77ec9..d808d612857 100644 --- a/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/gravitl_netmaker.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gravitl/netmaker/.github/workflows/publish-docker.yml", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml b/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml index c22998ee52a..e543dc8b7f3 100644 --- a/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/h2oai_wave.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["h2oai/wave/.github/workflows/wave-bundle-docker-build-publish.yaml", "*", "input.build-version", "code-injection", "generated"] - ["h2oai/wave/.github/workflows/wave-bundle-docker-build-publish.yaml", "*", "input.wave-app-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml b/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml index c74922e61dc..891d902f470 100644 --- a/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hadashia_vcontainer.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hadashia/vcontainer/.github/workflows/update-version-number.yaml", "*", "input.dry-run", "code-injection", "generated"] - ["hadashia/vcontainer/.github/workflows/update-version-number.yaml", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml b/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml index c9c7e8318f7..334d64dfbec 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["hashgraph/hedera-services/.github/workflows/zxc-publish-production-image.yaml", "*", "input.version", "output.docker-image-tag", "taint", "manual"] - ["hashgraph/hedera-services/.github/workflows/zxc-publish-production-image.yaml", "*", "input.version", "output.docker-image", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml index 169094c3eb3..2c600cd7f7d 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_boundary.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/boundary/.github/workflows/test-cli-ui_oss.yml", "*", "input.artifact-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml index 6e4e4f4f1e9..cc6c4e620e6 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_consul.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/consul/.github/workflows/reusable-unit.yml", "*", "input.package-names-command", "code-injection", "generated"] - ["hashicorp/consul/.github/workflows/reusable-unit.yml", "*", "input.go-test-flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml index dbc26ef9f04..efbf050ddc9 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-cdk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/terraform-cdk/.github/workflows/unit.yml", "*", "input.package", "code-injection", "generated"] - ["hashicorp/terraform-cdk/.github/workflows/registry-docs-pr-based.yml", "*", "input.gitUser", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml index c69de7cfcc2..9860bd3ab92 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform-provider-tfe.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/terraform-provider-tfe/.github/workflows/jira-issue-sync.yml", "*", "input.issue-extra-fields", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml index 685b0b144c9..c160c29f6f6 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_terraform.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "input.product-version", "code-injection", "generated"] - ["hashicorp/terraform/.github/workflows/build-terraform-cli.yml", "*", "input.package-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml b/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml index 9e3fc5cdc4f..910715eece0 100644 --- a/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "input.sample-max", "code-injection", "generated"] - ["hashicorp/vault/.github/workflows/test-run-enos-scenario-matrix.yml", "*", "input.sample-name", "code-injection", "generated"] @@ -16,7 +16,7 @@ extensions: - ["hashicorp/vault/.github/workflows/test-enos-scenario-ui.yml", "*", "input.storage_backend", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["hashicorp/vault/.github/workflows/build-artifacts-ce.yml", "*", "input.vault-version-package", "output.testable-packages", "taint", "manual"] - ["hashicorp/vault/.github/workflows/build-artifacts-ce.yml", "*", "input.vault-revision", "output.testable-containers", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml index 4cd6cd8f591..f04e67670d3 100644 --- a/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/heroku_cli.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["heroku/cli/.github/workflows/publish-npm.yml", "*", "input.isStableRelease", "code-injection", "generated"] - ["heroku/cli/.github/workflows/promote.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml b/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml index 01726410e18..3d5fa057987 100644 --- a/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml @@ -1,13 +1,13 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "input.project_name", "code-injection", "generated"] - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "input.dependency_track_url", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.stage", "output.release_stage", "taint", "manual"] - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.repository", "output.repo_url", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml b/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml index 90e61bcf11a..31d0e691e7f 100644 --- a/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/home-assistant_operating-system.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["home-assistant/operating-system/.github/workflows/test.yaml", "*", "input.version", "code-injection", "generated"] - ["home-assistant/operating-system/.github/workflows/artifacts-index.yaml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml b/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml index b4e1ff8155a..5f9da314f90 100644 --- a/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/homuler_mediapipeunityplugin.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "input.windowsBuildArgs", "code-injection", "generated"] - ["homuler/mediapipeunityplugin/.github/workflows/package.yml", "*", "input.bazelBuildArgs", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml b/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml index 3621105b74e..7ae494adb2b 100644 --- a/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/huggingface_doc-builder.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml", "*", "input.package_name", "code-injection", "generated"] - ["huggingface/doc-builder/.github/workflows/upload_pr_documentation.yml", "*", "input.repo_owner", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml b/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml index b6660df1c9b..dce969719d2 100644 --- a/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/huggingface_transformers.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["huggingface/transformers/.github/workflows/slack-report.yml", "*", "input.folder_slices", "code-injection", "generated"] - ["huggingface/transformers/.github/workflows/slack-report.yml", "*", "input.setup_status", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml b/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml index ead0bcfab16..cd5d5ff7d0f 100644 --- a/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/hyperion-project_hyperion.ng.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["hyperion-project/hyperion.ng/.github/workflows/qt5_6.yml", "*", "input.pull_request_number", "code-injection", "generated"] - ["hyperion-project/hyperion.ng/.github/workflows/qt5_6.yml", "*", "input.qt_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml b/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml index 6f9a12e9069..fd17e601d80 100644 --- a/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/ibm_sarama.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ibm/sarama/.github/workflows/fvt.yml", "*", "input.kafka-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml b/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml index 8ac32e4a7b7..bed40dce429 100644 --- a/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/icloud-photos-downloader_icloud_photos_downloader.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["icloud-photos-downloader/icloud_photos_downloader/.github/workflows/build-package.yml", "*", "input.icloudpd_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml b/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml index 3c21fcad386..62a12e47138 100644 --- a/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/immich-app_immich.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["immich-app/immich/.github/workflows/build-mobile.yml", "*", "input.ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml b/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml index e0d2508932f..7491c4f951a 100644 --- a/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/inria_spoon.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["inria/spoon/.github/workflows/jreleaser.yml", "*", "input.release-script-to-run", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml b/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml index 96830183506..1876f1146cb 100644 --- a/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/intel_intel-device-plugins-for-kubernetes.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["intel/intel-device-plugins-for-kubernetes/.github/workflows/lib-publish.yaml", "*", "input.image_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml b/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml index 7f9299eb4d3..4a8534429f9 100644 --- a/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/inverse-inc_packetfence.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["inverse-inc/packetfence/.github/workflows/reusable_upload_packages.yml", "*", "input._PACKAGE_NAME", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml b/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml index 7a79d4c1e09..ecac3f22f85 100644 --- a/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/ispc_ispc.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ispc/ispc/.github/workflows/reusable.rebuild.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml b/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml index 55888f48551..ffc4193edbf 100644 --- a/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/jetbrains_intellij-platform-gradle-plugin.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jetbrains/intellij-platform-gradle-plugin/.github/workflows/reusable-single-unitTest.yml", "*", "input.gradleVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml b/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml index ea453ec4811..93b29308ff2 100644 --- a/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/jupyter_docker-stacks.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jupyter/docker-stacks/.github/workflows/docker-tag-push.yml", "*", "input.image", "code-injection", "generated"] - ["jupyter/docker-stacks/.github/workflows/docker-tag-push.yml", "*", "input.variant", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml b/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml index 39005b693e7..c5965c5d8ef 100644 --- a/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kairos-io_kairos.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kairos-io/kairos/.github/workflows/reusable-zfs-test.yaml", "*", "input.flavor", "code-injection", "generated"] - ["kairos-io/kairos/.github/workflows/reusable-upgrade-with-cli-test.yaml", "*", "input.flavor_release", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml b/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml index 4b485083191..1fc5159e55a 100644 --- a/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kanidm_kanidm.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kanidm/kanidm/.github/workflows/kanidm_individual_book.yml", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml b/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml index f45709cfa0f..bce14a98edd 100644 --- a/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kata-containers_kata-containers.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kata-containers/kata-containers/.github/workflows/release-s390x.yaml", "*", "input.target-arch", "code-injection", "generated"] - ["kata-containers/kata-containers/.github/workflows/release-ppc64le.yaml", "*", "input.target-arch", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml b/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml index 1d8dc84c2f0..0439d6e1d4c 100644 --- a/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kiali_kiali.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "input.build_mode", "code-injection", "generated"] - ["kiali/kiali/.github/workflows/test-images-creator.yml", "*", "input.release_branch", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml b/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml index f404aa73762..357e11b3c0b 100644 --- a/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kotest_kotest.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kotest/kotest/.github/workflows/run-gradle.yml", "*", "input.task", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml b/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml index 2f546ce3f57..4d3ea1e9156 100644 --- a/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kubernetes_ingress-nginx.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubernetes/ingress-nginx/.github/workflows/zz-tmpl-k8s-e2e.yaml", "*", "input.k8s-version", "code-injection", "generated"] - ["kubernetes/ingress-nginx/.github/workflows/zz-tmpl-images.yaml", "*", "input.name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml b/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml index 9e8b1e43993..44b905cab67 100644 --- a/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kubescape_kubescape.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubescape/kubescape/.github/workflows/d-publish-image.yaml", "*", "input.image_tag", "code-injection", "generated"] - ["kubescape/kubescape/.github/workflows/d-publish-image.yaml", "*", "input.image_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml b/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml index 20a24a4ec7f..192d975ea57 100644 --- a/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "input.next-version", "code-injection", "generated"] - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "input.release-branch", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "input.next-version", "output.new-version", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml b/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml index 666a86caf88..627fca5d3ff 100644 --- a/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/kumahq_kuma.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["kumahq/kuma/.github/workflows/_build_publish.yaml", "*", "input.VERSION_NAME", "code-injection", "generated"] - ["kumahq/kuma/.github/workflows/_build_publish.yaml", "*", "input.REGISTRY", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml b/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml index d4926952f1a..4d4fd0f229e 100644 --- a/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/labring_sealos.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["labring/sealos/.github/workflows/services.yml", "*", "input.push_image_tag", "code-injection", "generated"] - ["labring/sealos/.github/workflows/services.yml", "*", "input.push_image", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml b/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml index 144c16ff8de..1ceacd2f1c0 100644 --- a/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/laion-ai_open-assistant.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["laion-ai/open-assistant/.github/workflows/docker-build.yaml", "*", "input.context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml b/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml index f97ee81bcb9..ba0f5c06a67 100644 --- a/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/learningequality_kolibri.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["learningequality/kolibri/.github/workflows/upload_github_release_asset.yml", "*", "input.release_id", "code-injection", "generated"] - ["learningequality/kolibri/.github/workflows/upload_github_release_asset.yml", "*", "input.filename", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml b/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml index 401875059ec..3c8f11dd0cd 100644 --- a/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/lensesio_stream-reactor.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lensesio/stream-reactor/.github/workflows/build.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml b/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml index 6d6f9e17740..b7c00fff318 100644 --- a/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/leptos-rs_leptos.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["leptos-rs/leptos/.github/workflows/run-cargo-make-task.yml", "*", "input.directory", "code-injection", "generated"] - ["leptos-rs/leptos/.github/workflows/run-cargo-make-task.yml", "*", "input.cargo_make_task", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml b/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml index a4b2b55262f..5a129691bc5 100644 --- a/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/lightning-ai_pytorch-lightning.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lightning-ai/pytorch-lightning/.github/workflows/_legacy-checkpoints.yml", "*", "input.push_to_s3", "code-injection", "generated"] - ["lightning-ai/pytorch-lightning/.github/workflows/_legacy-checkpoints.yml", "*", "input.pl_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml b/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml index dd3bfe71b7b..bd07156d06b 100644 --- a/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/liquibase_liquibase.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["liquibase/liquibase/.github/workflows/build-azure-uber-jar.yml", "*", "input.liquibase-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml b/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml index 2207feeec22..b029e341710 100644 --- a/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/litestar-org_litestar.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["litestar-org/litestar/.github/workflows/test.yml", "*", "input.python-version", "code-injection", "generated"] - ["litestar-org/litestar/.github/workflows/notify-released-issues.yml", "*", "input.release_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml b/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml index 2128369a7a9..995e692e494 100644 --- a/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/llvm_circt.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "input.package_name_prefix", "code-injection", "generated"] - ["llvm/circt/.github/workflows/unifiedBuildTestAndInstall.yml", "*", "input.install", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml b/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml index 57791c68c0a..db325a06baa 100644 --- a/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/lnbits_lnbits.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lnbits/lnbits/.github/workflows/make.yml", "*", "input.make", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml b/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml index 2a65a351255..2c91ab62b0c 100644 --- a/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/lutris_lutris.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lutris/lutris/.github/workflows/publish-ppa.yml", "*", "input.PPA_URI", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml b/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml index 53f6f6da728..8fdf39a0bbc 100644 --- a/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mailu_mailu.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mailu/mailu/.github/workflows/build_test_deploy.yml", "*", "input.pinned_mailu_version", "code-injection", "generated"] - ["mailu/mailu/.github/workflows/build_test_deploy.yml", "*", "input.mailu_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml b/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml index 8ef924313a9..00fceb9c7bd 100644 --- a/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mamba-org_mamba.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mamba-org/mamba/.github/workflows/windows_impl.yml", "*", "input.build_type", "code-injection", "generated"] - ["mamba-org/mamba/.github/workflows/unix_impl.yml", "*", "input.build_type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml b/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml index 800c95ac1bf..a6b947dfbce 100644 --- a/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/manticoresoftware_manticoresearch.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["manticoresoftware/manticoresearch/.github/workflows/win_test_template.yml", "*", "input.CTEST_END", "code-injection", "generated"] - ["manticoresoftware/manticoresearch/.github/workflows/win_test_template.yml", "*", "input.CTEST_START", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml b/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml index 7a73bee6e57..9359ea482c0 100644 --- a/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/marcelotduarte_cx_freeze.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["marcelotduarte/cx_freeze/.github/workflows/build-wheel.yml", "*", "input.branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml b/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml index 08d64944bd9..023666e67ff 100644 --- a/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/materialdesigninxaml_materialdesigninxamltoolkit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "input.mdix-mahapps-version", "code-injection", "generated"] - ["materialdesigninxaml/materialdesigninxamltoolkit/.github/workflows/build_artifacts.yml", "*", "input.mdix-colors-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml b/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml index d1097c47aeb..7005b7dd7c9 100644 --- a/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/matter-labs_zksync-era.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["matter-labs/zksync-era/.github/workflows/ci-core-reusable.yml", "*", "input.compilers", "code-injection", "generated"] - ["matter-labs/zksync-era/.github/workflows/build-prover-template.yml", "*", "input.image_tag_suffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml b/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml index 8d7fb64ad3a..8b73f89401a 100644 --- a/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mattermost_desktop.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mattermost/desktop/.github/workflows/e2e-functional-template.yml", "*", "input.nightly", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml b/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml index d7790e533c9..3cf43b814db 100644 --- a/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mattermost_mattermost.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mattermost/mattermost/.github/workflows/server-test-template.yml", "*", "input.name", "code-injection", "generated"] - ["mattermost/mattermost/.github/workflows/server-test-template.yml", "*", "input.drivername", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml b/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml index 093ed8bcfd1..d33e308c7eb 100644 --- a/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mealie-recipes_mealie.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mealie-recipes/mealie/.github/workflows/partial-builder.yml", "*", "input.tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml b/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml index 0ce99bc5fa9..5c1de93f08a 100644 --- a/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/meshery_meshery.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "input.adapter_version", "code-injection", "generated"] - ["meshery/meshery/.github/workflows/test_adaptersv2.yaml", "*", "input.sm_version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml b/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml index 2767dfbec76..aab9fa502cb 100644 --- a/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/meshtastic_firmware.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["meshtastic/firmware/.github/workflows/build_rpi2040.yml", "*", "input.board", "code-injection", "generated"] - ["meshtastic/firmware/.github/workflows/build_nrf52.yml", "*", "input.board", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml b/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml index 2c5679329c1..b58fff831e1 100644 --- a/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microcks_microcks.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microcks/microcks/.github/workflows/package-native.yml", "*", "input.image-tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml index b3e26a1cf13..f96264fbf42 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_applicationinsights-java.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/applicationinsights-java/.github/workflows/reusable-scheduled-job-notification.yml", "*", "input.success", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml index 963b64673a9..6aaf6aa2783 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_chat-copilot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/chat-copilot/.github/workflows/copilot-run-integration-tests.yml", "*", "input.BACKEND_HOST", "code-injection", "generated"] - ["microsoft/chat-copilot/.github/workflows/copilot-deploy-plugins.yml", "*", "input.DEPLOYMENT_NAME", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml index fcf55466a9e..d246f4ce644 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_msquic.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/msquic/.github/workflows/build-reuse-winkernel.yml", "*", "input.arch", "code-injection", "generated"] - ["microsoft/msquic/.github/workflows/build-reuse-winkernel.yml", "*", "input.tls", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml index 979bd414141..a35a1a628e6 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_oryx.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/oryx/.github/workflows/automationTemplate.yaml", "*", "input.platformName", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml index 55d810d29b5..ec22645570f 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_pr-metrics.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/pr-metrics/.github/workflows/release-phase-1-internal.yml", "*", "input.patch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml index 19350db868c..e0eccb26a54 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_react-native-windows-samples.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "input.extraRunWindowsArgs", "code-injection", "generated"] - ["microsoft/react-native-windows-samples/.github/workflows/template-upgradesample.yml", "*", "input.platform", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml b/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml index 8d9af1a4e15..5f85bb1a91a 100644 --- a/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/microsoft_vscode-cpptools.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/vscode-cpptools/.github/workflows/job-compile-and-test.yml", "*", "input.yarn-args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml b/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml index 47c09bf4f63..7f1af324260 100644 --- a/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/moby_buildkit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["moby/buildkit/.github/workflows/.test.yml", "*", "input.env", "code-injection", "generated"] - ["moby/buildkit/.github/workflows/.test.yml", "*", "input.includes", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml b/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml index 4ff0273b47a..b06b390e718 100644 --- a/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/moby_moby.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["moby/moby/.github/workflows/.windows.yml", "*", "input.storage", "code-injection", "generated"] - ["moby/moby/.github/workflows/.windows.yml", "*", "input.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml b/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml index ba53c900ce8..d5746b566cc 100644 --- a/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mosaicml_composer.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "input.context", "code-injection", "generated"] - ["mosaicml/composer/.github/workflows/docker-configure-build-push.yaml", "*", "input.tags", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml b/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml index e43a220a278..fbe9e286d2b 100644 --- a/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/msys2_setup-msys2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["msys2/setup-msys2/.github/workflows/PKGBUILD.yml", "*", "input.test", "code-injection", "generated"] - ["msys2/setup-msys2/.github/workflows/PKGBUILD.yml", "*", "input.path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml b/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml index dd20d310079..6ba2fc75375 100644 --- a/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mudler_localai.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mudler/localai/.github/workflows/image_build.yml", "*", "input.latest-image-aio", "code-injection", "generated"] - ["mudler/localai/.github/workflows/image_build.yml", "*", "input.latest-image", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml b/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml index 3b9777b3f3a..6d522b776dc 100644 --- a/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/mustardchef_wsabuilds.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "input.amazonflag", "code-injection", "generated"] - ["mustardchef/wsabuilds/.github/workflows/buildarm64.yml", "*", "input.magiskver", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml b/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml index 3561bd15c36..c210f350439 100644 --- a/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/n8n-io_n8n.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["n8n-io/n8n/.github/workflows/e2e-reusable.yml", "*", "input.pr_number", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml b/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml index 29da5a83b62..81eeb82033c 100644 --- a/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/napari_napari.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["napari/napari/.github/workflows/reusable_run_tox_test.yml", "*", "input.qt_backend", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml b/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml index 9b92197cf5d..6d81f2ff242 100644 --- a/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nasa_fprime.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nasa/fprime/.github/workflows/reusable-project-builder.yml", "*", "input.target_platform", "code-injection", "generated"] - ["nasa/fprime/.github/workflows/reusable-project-builder.yml", "*", "input.fprime_location", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml b/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml index cbed3964cff..b7ea7250825 100644 --- a/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nautobot_nautobot.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nautobot/nautobot/.github/workflows/plugin_upstream_testing_base.yml", "*", "input.invoke_context_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml b/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml index 29b47c04336..972b6f15baa 100644 --- a/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nektos_act.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nektos/act/pkg/runner/testdata/workflow_call_inputs/workflow_call_inputs.yml", "*", "input.with_default", "code-injection", "generated"] - ["nektos/act/pkg/runner/testdata/workflow_call_inputs/workflow_call_inputs.yml", "*", "input.required", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml b/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml index 3b8a83bc8c6..07f0c5c0f69 100644 --- a/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["neondatabase/neon/.github/workflows/build-build-tools-image.yml", "*", "input.image-tag", "output.image-tag", "taint", "manual"] - ["neondatabase/neon/.github/workflows/build-build-tools-image.yml", "*", "input.image-tag", "output.image", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml b/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml index 3c406b3bc0e..6bbf33e7f89 100644 --- a/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/neovim_neovim.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["neovim/neovim/.github/workflows/test_windows.yml", "*", "input.build_flags", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml b/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml index 3a94887f8ff..165965dd568 100644 --- a/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nethermindeth_nethermind.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "input.custom_run_id", "code-injection", "generated"] - ["nethermindeth/nethermind/.github/workflows/run-a-single-node-from-branch.yml", "*", "input.non_validator_mode", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml index 5198d5f418a..3d1e182458e 100644 --- a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-dotnet-agent.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["newrelic/newrelic-dotnet-agent/.github/workflows/publish_release_notes.yml", "*", "input.agent_version", "code-injection", "generated"] - ["newrelic/newrelic-dotnet-agent/.github/workflows/post_deploy_agent.yml", "*", "input.test_mode", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml index e3694a38973..689cc91871a 100644 --- a/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_newrelic-java-agent.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["newrelic/newrelic-java-agent/.github/workflows/X-Reusable-VerifyInstrumentation.yml", "*", "input.page", "code-injection", "generated"] - ["newrelic/newrelic-java-agent/.github/workflows/GHA-Unit-Tests.yaml", "*", "input.agent-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml b/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml index f6f33154581..0481c04cb67 100644 --- a/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/newrelic_node-newrelic.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["newrelic/node-newrelic/.github/workflows/release-creation.yml", "*", "input.changelog_file", "code-injection", "generated"] - ["newrelic/node-newrelic/.github/workflows/release-creation.yml", "*", "input.workflows", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml b/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml index 34efc8414d8..8c0c944a393 100644 --- a/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nexus-mods_nexusmods.app.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nexus-mods/nexusmods.app/.github/workflows/build-windows-pupnet.yaml", "*", "input.AppVersion", "code-injection", "generated"] - ["nexus-mods/nexusmods.app/.github/workflows/build-windows-pupnet.yaml", "*", "input.PupNetVersion", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml b/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml index 71866026ef9..8f4c4432408 100644 --- a/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nginxinc_kubernetes-ingress.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nginxinc/kubernetes-ingress/.github/workflows/retag-images.yml", "*", "input.target_tag", "code-injection", "generated"] - ["nginxinc/kubernetes-ingress/.github/workflows/retag-images.yml", "*", "input.source_tag", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml b/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml index 83d241d21c0..9406f7d299c 100644 --- a/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/nocodb_nocodb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nocodb/nocodb/.github/workflows/playwright-test-workflow.yml", "*", "input.shard", "code-injection", "generated"] - ["nocodb/nocodb/.github/workflows/playwright-test-workflow.yml", "*", "input.db", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml b/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml index 3021de12568..36838ef4ddb 100644 --- a/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/novuhq_novu.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["novuhq/novu/.github/workflows/reusable-workers-service-deploy.yml", "*", "input.docker_image", "code-injection", "generated"] - ["novuhq/novu/.github/workflows/reusable-workers-service-deploy.yml", "*", "input.terraform_workspace", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml index d2cb1da1e9f..8b16601e6c2 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_abbrev-js.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/abbrev-js/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml index c551a135a14..e8db2ff568d 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_cli.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/cli/.github/workflows/node-integration.yml", "*", "input.npmVersion", "code-injection", "generated"] - ["npm/cli/.github/workflows/node-integration.yml", "*", "input.nodeVersion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml index f469f5de268..208e444adeb 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_fs-minipass.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/fs-minipass/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml index 7ec8dac3f7b..41edf0b0373 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_hosted-git-info.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/hosted-git-info/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml index 4ce9252ce76..faca7973f1f 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_ini.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/ini/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml index abb5b43c327..76db6821c5e 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_json-parse-even-better-errors.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/json-parse-even-better-errors/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml index 9e9da70e88e..383a88ed055 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_minify-registry-metadata.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/minify-registry-metadata/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml index 8de3f4c1ca4..bcd3b09ed68 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_mute-stream.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/mute-stream/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml index 5ec8c096934..53e16f8771a 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_node-semver.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/node-semver/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml index af9582282d0..4310e028de1 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_node-which.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/node-which/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml index 61bbb9d5372..84d2f57a3fb 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_nopt.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/nopt/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml index fdb440a742f..7debf6960ed 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_normalize-package-data.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/normalize-package-data/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml b/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml index efd05d69abe..640180b870a 100644 --- a/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/npm_write-file-atomic.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["npm/write-file-atomic/.github/workflows/release-integration.yml", "*", "input.releases", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml b/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml index 9be191425ff..7ea3039b552 100644 --- a/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/onflow_cadence.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "input.base-branch", "code-injection", "generated"] - ["onflow/cadence/.github/workflows/compatibility-check-template.yml", "*", "input.repo", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml b/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml index 65a14c7cfaa..ced66aee32f 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-goal_jak-project.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-goal/jak-project/.github/workflows/windows-build-msvc.yaml", "*", "input.cmakePreset", "code-injection", "generated"] - ["open-goal/jak-project/.github/workflows/windows-build-clang.yaml", "*", "input.cmakePreset", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml index 2c031ea9dc6..e63440d1fca 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-demo.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-demo/.github/workflows/build-images.yml", "*", "input.push", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml index b90aacee9ca..f7021148c51 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet-contrib.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-dotnet-contrib/.github/workflows/Component.Package.yml", "*", "input.project-name", "code-injection", "generated"] - ["open-telemetry/opentelemetry-dotnet-contrib/.github/workflows/Component.BuildTest.yml", "*", "input.project-name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml index 56823f4e1ac..8345368057c 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-dotnet.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-dotnet/.github/workflows/Component.BuildTest.yml", "*", "input.project-name", "code-injection", "generated"] - ["open-telemetry/opentelemetry-dotnet/.github/workflows/Component.BuildTest.yml", "*", "input.project-build-commands", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml index 0f2937f9d14..3754ebfa63d 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-java-instrumentation.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-java-instrumentation/.github/workflows/reusable-workflow-notification.yml", "*", "input.success", "code-injection", "generated"] - ["open-telemetry/opentelemetry-java-instrumentation/.github/workflows/reusable-smoke-test-images.yml", "*", "input.project", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml index a88c74f8537..3e35747b558 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-js-contrib.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-js-contrib/.github/workflows/test-all-versions.yml", "*", "input.npm-workspace-args", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml index b7dfd8fcc9b..a13f6863caa 100644 --- a/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/open-telemetry_opentelemetry-operator.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["open-telemetry/opentelemetry-operator/.github/workflows/reusable-publish-autoinstrumentation-e2e-images.yaml", "*", "input.language", "code-injection", "generated"] - ["open-telemetry/opentelemetry-operator/.github/workflows/reusable-operator-hub-release.yaml", "*", "input.org", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml b/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml index 9de8130a93e..af5c300ea8b 100644 --- a/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openbao_openbao.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openbao/openbao/.github/workflows/test-run-acc-tests-for-path.yml", "*", "input.path", "code-injection", "generated"] - ["openbao/openbao/.github/workflows/test-run-acc-tests-for-path.yml", "*", "input.name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml b/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml index ea4980b8cd7..449ea8b7b49 100644 --- a/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openhab_openhab-docs.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "input.doc_base_name", "code-injection", "generated"] - ["openhab/openhab-docs/.github/workflows/fetch_external_docs_reusable.yml", "*", "input.base_file", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml b/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml index 8787c7e32c9..6656d42c4e6 100644 --- a/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openmined_pysyft.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openmined/pysyft/.github/workflows/cd-post-release-tests.yml", "*", "input.release_platform", "code-injection", "generated"] - ["openmined/pysyft/.github/workflows/cd-post-release-tests.yml", "*", "input.syft_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml b/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml index ea55d53c215..6e7fdc34a54 100644 --- a/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/opentofu_opentofu.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "input.package-name", "code-injection", "generated"] - ["opentofu/opentofu/.github/workflows/build-opentofu-oss.yml", "*", "input.product-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml b/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml index add2fe0d2e2..8fc02a27e1c 100644 --- a/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openttd_openttd.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openttd/openttd/.github/workflows/release-windows.yml", "*", "input.survey_key", "code-injection", "generated"] - ["openttd/openttd/.github/workflows/upload-steam.yml", "*", "input.trigger_type", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml b/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml index 400cd50b59f..80f19676b4a 100644 --- a/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openvinotoolkit_openvino.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openvinotoolkit/openvino/.github/workflows/job_tensorflow_models_tests.yml", "*", "input.model_scope", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml b/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml index 42122b5ee22..56b2ef6691e 100644 --- a/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openxla_iree.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openxla/iree/.github/workflows/pkgci_regression_test_nvidiagpu_vulkan.yml", "*", "input.artifact_run_id", "code-injection", "generated"] - ["openxla/iree/.github/workflows/pkgci_regression_test_nvidiagpu_cuda.yml", "*", "input.artifact_run_id", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml b/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml index c694d3953f6..7bc952a8483 100644 --- a/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/openzfs_zfs.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["openzfs/zfs/.github/workflows/zfs-linux-tests.yml", "*", "input.os", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml b/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml index 9ecf401cab5..1c0663dd01c 100644 --- a/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/operator-framework_java-operator-sdk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["operator-framework/java-operator-sdk/.github/workflows/integration-tests.yml", "*", "input.http-client", "code-injection", "generated"] - ["operator-framework/java-operator-sdk/.github/workflows/integration-tests.yml", "*", "input.kube-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml b/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml index 19fee627702..4da8f327662 100644 --- a/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/orange-opensource_hurl.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["orange-opensource/hurl/.github/workflows/update-branch-version.yml", "*", "input.new_version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml b/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml index 4eb201001e1..4e8adfafe3c 100644 --- a/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/paolosalvatori_servicebusexplorer.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["paolosalvatori/servicebusexplorer/.github/workflows/publish.yml", "*", "input.release-version", "code-injection", "generated"] - ["paolosalvatori/servicebusexplorer/.github/workflows/build-test.yml", "*", "input.release-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml b/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml index 94c7292b655..28cb702ce13 100644 --- a/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/parcel-bundler_parcel.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["parcel-bundler/parcel/.github/workflows/release.yml", "*", "input.release-command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml b/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml index 6088ffcd702..cb315ee4328 100644 --- a/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pardeike_harmony.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pardeike/harmony/.github/workflows/test-build.yml", "*", "input.build_configuration", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml b/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml index 05c4dc8ddf3..956c4cba966 100644 --- a/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pcsx2_pcsx2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "input.configuration", "code-injection", "generated"] - ["pcsx2/pcsx2/.github/workflows/windows_build_qt.yml", "*", "input.platform", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml b/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml index affc12cdc4a..804c1bdae4e 100644 --- a/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pennylaneai_pennylane.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pennylaneai/pennylane/.github/workflows/unit-test.yml", "*", "input.pytest_test_directory", "code-injection", "generated"] - ["pennylaneai/pennylane/.github/workflows/unit-test.yml", "*", "input.job_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml b/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml index b1c4d2f2cbf..78d91b2afb5 100644 --- a/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pinecone-io_pinecone-python-client.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pinecone-io/pinecone-python-client/.github/workflows/publish-to-pypi.yaml", "*", "input.prereleaseSuffix", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml b/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml index 4ccbd71f8c3..31cadc3ff17 100644 --- a/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pixie-io_pixie.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pixie-io/pixie/.github/workflows/perf_common.yaml", "*", "input.tags", "code-injection", "generated"] - ["pixie-io/pixie/.github/workflows/perf_common.yaml", "*", "input.suites", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml b/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml index 2eb2104b542..11362fda1e5 100644 --- a/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/plantuml_plantuml.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["plantuml/plantuml/.github/workflows/native-image.yml", "*", "input.release-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml b/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml index fee95860030..131cff3e92a 100644 --- a/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/powerdns_pdns.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["powerdns/pdns/.github/workflows/build-packages.yml", "*", "input.os", "code-injection", "generated"] - ["powerdns/pdns/.github/workflows/build-packages.yml", "*", "input.product", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml b/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml index 49a98d4dda5..acc5bf51e35 100644 --- a/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/preactjs_preact.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["preactjs/preact/.github/workflows/run-bench.yml", "*", "input.benchmark", "code-injection", "generated"] - ["preactjs/preact/.github/workflows/run-bench.yml", "*", "input.trace", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml b/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml index aa432107a0d..c89d1c808c3 100644 --- a/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/prismlauncher_prismlauncher.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["prismlauncher/prismlauncher/.github/workflows/build.yml", "*", "input.build_type", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml b/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml index 40053c68c1a..0258c79e83f 100644 --- a/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/product-os_flowzone.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["product-os/flowzone/.github/workflows/flowzone.yml", "*", "input.ok_to_test_label", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml b/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml index 645ec756783..ebeba1eb226 100644 --- a/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/project-oak_oak.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["project-oak/oak/.github/workflows/reusable_provenance.yaml", "*", "input.ent-public-key", "code-injection", "generated"] - ["project-oak/oak/.github/workflows/reusable_provenance.yaml", "*", "input.build-config-path", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml b/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml index 3d80594c0d5..5f709385839 100644 --- a/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/prql_prql.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["prql/prql/.github/workflows/test-rust.yaml", "*", "input.target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml b/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml index e542d409efe..e96dbba0699 100644 --- a/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pulumi_pulumi.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pulumi/pulumi/.github/workflows/ci-run-test.yml", "*", "input.test-command", "code-injection", "generated"] - ["pulumi/pulumi/.github/workflows/ci-run-test.yml", "*", "input.test-name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml b/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml index 9cc02d3b38c..2a7a9afd5a6 100644 --- a/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["puppeteer/puppeteer/.github/workflows/changed-packages.yml", "*", "output.changes", "filename", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml b/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml index 5ebf7426d16..5094422f3fe 100644 --- a/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/puppetlabs_puppetlabs-puppetdb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["puppetlabs/puppetlabs-puppetdb/.github/workflows/module_spec.yml", "*", "input.ignore_dependency_check", "code-injection", "generated"] - ["puppetlabs/puppetlabs-puppetdb/.github/workflows/module_acceptance.yml", "*", "input.debug", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml b/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml index c5630248f7f..dff83745645 100644 --- a/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pyo3_maturin.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pyo3/maturin/.github/workflows/downstream.yml", "*", "input.manifest-dir", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml b/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml index 4ea93f374b3..88b68dc4ea7 100644 --- a/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pyo3_pyo3.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pyo3/pyo3/.github/workflows/build.yml", "*", "input.extra-features", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml b/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml index d702e7ad830..18c6974c74f 100644 --- a/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/python_cpython.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["python/cpython/.github/workflows/reusable-ubuntu.yml", "*", "input.options", "code-injection", "generated"] - ["python/cpython/.github/workflows/reusable-tsan.yml", "*", "input.options", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml b/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml index baba2fc1e15..561c3e15e64 100644 --- a/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pytorch_botorch.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pytorch/botorch/.github/workflows/reusable_website.yml", "*", "input.release_tag", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml b/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml index feb68c4bdd7..961741f413f 100644 --- a/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/pytorch_xla.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pytorch/xla/.github/workflows/_test.yml", "*", "input.test-script", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml b/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml index d3b779c1afa..985652a265b 100644 --- a/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/quarto-dev_quarto-cli.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["quarto-dev/quarto-cli/.github/workflows/test-smokes.yml", "*", "input.buckets", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml b/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml index 6b0e733be17..3103913ab4f 100644 --- a/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/rancher_dashboard.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rancher/dashboard/.github/workflows/build-extension-charts.yml", "*", "input.tagged_release", "code-injection", "generated"] - ["rancher/dashboard/.github/workflows/build-extension-charts.yml", "*", "input.target_branch", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml b/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml index cf9971e8524..b89c1307d2d 100644 --- a/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/rasterio_rasterio.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rasterio/rasterio/.github/workflows/test_gdal_build.yaml", "*", "input.gdal_ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml b/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml index b3518a7a8ee..9e60cc61bb5 100644 --- a/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/redisearch_redisearch.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["redisearch/redisearch/.github/workflows/flow-build-artifacts.yml", "*", "input.architecture", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml b/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml index a60fba237ef..cac4e298538 100644 --- a/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/remix-run_remix.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["remix-run/remix/.github/workflows/stacks.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml b/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml index 37f2febb70f..eb2669a96ea 100644 --- a/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/rmcrackan_libation.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rmcrackan/libation/.github/workflows/build-windows.yml", "*", "input.version_override", "code-injection", "generated"] - ["rmcrackan/libation/.github/workflows/build-linux.yml", "*", "input.architecture", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml b/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml index 6e3d48dbf89..590e518d350 100644 --- a/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/rocketchat_rocket.chat.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rocketchat/rocket.chat/.github/workflows/ci-test-e2e.yml", "*", "input.total-shard", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml b/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml index 465fff41145..d55af595b1c 100644 --- a/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/ruby_ruby.wasm.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ruby/ruby.wasm/.github/workflows/build.yml", "*", "input.prerel_name", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml b/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml index 3f091f1c961..1fd6cd394bc 100644 --- a/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/rustdesk_rustdesk.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["rustdesk/rustdesk/.github/workflows/third-party-RustDeskTempTopMostWindow.yml", "*", "input.target_version", "code-injection", "generated"] - ["rustdesk/rustdesk/.github/workflows/third-party-RustDeskTempTopMostWindow.yml", "*", "input.configuration", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml b/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml index efa591f749d..3583052045b 100644 --- a/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/saadeghi_daisyui.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["saadeghi/daisyui/.github/workflows/write-release-notes.yml", "*", "input.daisyuiversion", "code-injection", "generated"] - ["saadeghi/daisyui/.github/workflows/deploy-docs.yml", "*", "input.daisyuiversion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml b/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml index 4bd74701fde..f355ceee6da 100644 --- a/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/sagemath_sage.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sagemath/sage/.github/workflows/macos.yml", "*", "input.stage", "code-injection", "generated"] - ["sagemath/sage/.github/workflows/macos.yml", "*", "input.targets_optional", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml b/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml index 34d11e19946..2b9190c87af 100644 --- a/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/schemastore_schemastore.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["schemastore/schemastore/src/test/github-workflow/reusable-workflow.yaml", "*", "input.constraints", "code-injection", "generated"] - ["schemastore/schemastore/src/negative_test/github-workflow/reusable-workflow-input-must-declare-type.yaml", "*", "input.constraints", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml b/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml index fb4a8248853..783ff3c0468 100644 --- a/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/scikit-learn_scikit-learn.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["scikit-learn/scikit-learn/.github/workflows/update_tracking_issue.yml", "*", "input.job_status", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml b/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml index ef3af44da3a..de853d30588 100644 --- a/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/seleniumhq_selenium.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["seleniumhq/selenium/.github/workflows/bazel.yml", "*", "input.run", "code-injection", "generated"] - ["seleniumhq/selenium/.github/workflows/bazel.yml", "*", "input.ruby-version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml index a8c86c49d7c..31f09278ecd 100644 --- a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-packager.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shaka-project/shaka-packager/.github/workflows/publish-npm.yaml", "*", "input.latest", "code-injection", "generated"] - ["shaka-project/shaka-packager/.github/workflows/publish-npm.yaml", "*", "input.tag", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml index 40549844d38..d45a2e2a03a 100644 --- a/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/shaka-project_shaka-player.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "input.ignore_test_status", "code-injection", "generated"] - ["shaka-project/shaka-player/.github/workflows/selenium-lab-tests.yaml", "*", "input.test_filter", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml b/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml index bd180d9b367..896400bf2f1 100644 --- a/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/shimataro_ssh-key-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["shimataro/ssh-key-action/.github/workflows/reusable-verify.yml", "*", "input.package_installation_command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml b/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml index 1e5721f1e7c..ade06c90c26 100644 --- a/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/softfever_orcaslicer.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["softfever/orcaslicer/.github/workflows/build_orca.yml", "*", "input.arch", "code-injection", "generated"] - ["softfever/orcaslicer/.github/workflows/build_deps.yml", "*", "input.arch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml b/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml index b7a14240aed..f4c2d488ba3 100644 --- a/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/software-mansion_react-native-reanimated.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["software-mansion/react-native-reanimated/.github/workflows/build-npm-package-action.yml", "*", "input.option", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml b/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml index 1a276f8812f..8a11ced42d0 100644 --- a/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/solana-labs_solana.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["solana-labs/solana/.github/workflows/release-artifacts.yml", "*", "input.commit", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml b/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml index ef448c8f4c0..4c018b20f22 100644 --- a/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/sonarr_sonarr.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sonarr/sonarr/.github/workflows/deploy.yml", "*", "input.version", "code-injection", "generated"] - ["sonarr/sonarr/.github/workflows/deploy.yml", "*", "input.branch", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml b/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml index 6c672170025..315c85efeb6 100644 --- a/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/speedb-io_speedb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["speedb-io/speedb/.github/workflows/build_ubuntu_arm.yml", "*", "input.verSion", "code-injection", "generated"] - ["speedb-io/speedb/.github/workflows/build_macos_ARM.yml", "*", "input.verSion", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml b/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml index b7104a8b615..8a3132d5258 100644 --- a/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/spring-cloud_spring-cloud-dataflow.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["spring-cloud/spring-cloud-dataflow/.github/workflows/build-images.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml b/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml index cd81a723906..9a669c8c009 100644 --- a/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/sqlfluff_sqlfluff.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sqlfluff/sqlfluff/.github/workflows/ci-test-python.yml", "*", "input.marks", "code-injection", "generated"] - ["sqlfluff/sqlfluff/.github/workflows/ci-test-python.yml", "*", "input.python-version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml b/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml index 1b2ce37480f..0ecb817822c 100644 --- a/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/stdlib-js_stdlib.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["stdlib-js/stdlib/.github/workflows/update_pr_copyright_years.yml", "*", "input.pull_request_number", "code-injection", "generated"] - ["stdlib-js/stdlib/.github/workflows/lint_autofix.yml", "*", "input.pull_request_number", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml b/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml index 91889927c45..e4590eeec8b 100644 --- a/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/stereokit_stereokit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["stereokit/stereokit/.github/workflows/build.yml", "*", "input.patch", "code-injection", "generated"] - ["stereokit/stereokit/.github/workflows/build.yml", "*", "input.minor", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml b/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml index 8d4400bd3ea..ea0ddad0697 100644 --- a/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["streetsidesoftware/cspell/.github/workflows/reuseable-pr-from-artifact.yml", "*", "input.patch_path", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["streetsidesoftware/cspell/.github/workflows/reuseable-load-integrations-repo-list.yml", "*", "input.ref", "output.ref", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml b/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml index 29c7e1bd3e2..9352f766e82 100644 --- a/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/supabase_auth.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["supabase/auth/.github/workflows/publish.yml", "*", "input.version", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml b/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml index 109dce9df0d..d436644f4ac 100644 --- a/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/supabase_cli.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["supabase/cli/.github/workflows/mirror-image.yml", "*", "input.image", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml b/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml index e3643f0156b..c6c01abca90 100644 --- a/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tencent/hippy/.github/workflows/reuse_get_workflow_output.yml", "*", "input.workflow_run", "code-injection", "generated"] - ["tencent/hippy/.github/workflows/reuse_classify_commits.yml", "*", "input.pull_request_number", "code-injection", "generated"] @@ -9,7 +9,7 @@ extensions: - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "input.pull_request_number", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "input.pull_request_head_sha", "output.pull_request_head_sha", "taint", "manual"] - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "input.pull_request_number", "output.pull_request_number", "taint", "manual"] diff --git a/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml b/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml index a4bba59b5a5..8a9f76e7e52 100644 --- a/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tgstation_tgstation.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tgstation/tgstation/.github/workflows/run_integration_tests.yml", "*", "input.map", "code-injection", "generated"] - ["tgstation/tgstation/.github/workflows/run_integration_tests.yml", "*", "input.minor", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml b/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml index d12982c35a4..8b3cfebc67b 100644 --- a/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/thesofproject_sof.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["thesofproject/sof/.github/workflows/ipc_fuzzer.yml", "*", "input.fuzzing_duration_s", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml b/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml index deb10e5e4b4..9add4859f35 100644 --- a/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tiann_kernelsu.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tiann/kernelsu/.github/workflows/ksud.yml", "*", "input.target", "code-injection", "generated"] - ["tiann/kernelsu/.github/workflows/avd-kernel.yml", "*", "input.manifest_name", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml b/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml index 5c22f0ffcb7..efc8097b963 100644 --- a/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tiledb-inc_tiledb.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tiledb-inc/tiledb/.github/workflows/ci-linux_mac.yml", "*", "input.asan", "code-injection", "generated"] - ["tiledb-inc/tiledb/.github/workflows/append-release-cmake.yml", "*", "input.ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml b/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml index 790e94c2aac..6a305522cfb 100644 --- a/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/toeverything_affine.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["toeverything/affine/.github/workflows/build-server-image.yml", "*", "input.flavor", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml b/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml index fedb21393bc..441325c76a5 100644 --- a/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tracel-ai_burn.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tracel-ai/burn/.github/workflows/publish-template.yml", "*", "input.crate", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml b/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml index f60fffb206e..5f0831afc07 100644 --- a/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/tribler_tribler.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tribler/tribler/.github/workflows/pytest_custom_ipv8.yml", "*", "input.ipv8-git-ref", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml b/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml index c7fe932aba2..afd7aabc1fc 100644 --- a/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/ubisoft_sharpmake.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ubisoft/sharpmake/.github/workflows/build.yml", "*", "input.framework", "code-injection", "generated"] - ["ubisoft/sharpmake/.github/workflows/build.yml", "*", "input.configuration", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml b/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml index d47aea3363f..49e556f585f 100644 --- a/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/unity-technologies_ml-agents.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["unity-technologies/ml-agents/.github/workflows/pytest.yml", "*", "input.pytest_markers", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml b/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml index f32acf5038e..24585aa50ed 100644 --- a/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/urbit_urbit.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["urbit/urbit/.github/workflows/shared.yml", "*", "input.pace", "code-injection", "generated"] - ["urbit/urbit/.github/workflows/shared.yml", "*", "input.next", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml b/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml index c739b5750cc..afc7af28f9b 100644 --- a/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/uyuni-project_uyuni.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["uyuni-project/uyuni/.github/workflows/acceptance_tests_common.yml", "*", "input.server_id", "code-injection", "generated"] - ["uyuni-project/uyuni/.github/workflows/acceptance_tests_common.yml", "*", "input.secondary_tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml b/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml index 7ac3c0fb530..5b3d91a8a7b 100644 --- a/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/vert-x3_vertx-hazelcast.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vert-x3/vertx-hazelcast/.github/workflows/it.yml", "*", "input.hz", "code-injection", "generated"] - ["vert-x3/vertx-hazelcast/.github/workflows/ci.yml", "*", "input.hz", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml b/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml index c641035f966..b43253eb619 100644 --- a/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/vkcom_vkui.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["vkcom/vkui/.github/workflows/reusable_workflow_test.yml", "*", "input.workspace", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml b/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml index adea8ae4bd2..89559cf57e3 100644 --- a/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/walletconnect_web3modal.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["walletconnect/web3modal/.github/workflows/ui_tests.yml", "*", "input.command", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml b/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml index 857c946e2b7..6292841e56a 100644 --- a/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/warzone2100_warzone2100.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["warzone2100/warzone2100/.github/workflows/publish_web_build.yml", "*", "input.architecture", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml b/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml index 717022ea6e8..9f98fd51139 100644 --- a/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/wasmedge_wasmedge.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wasmedge/wasmedge/.github/workflows/reusable-create-source-tarball.yml", "*", "input.version", "code-injection", "generated"] - ["wasmedge/wasmedge/.github/workflows/reusable-build-on-windows.yml", "*", "input.version", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml b/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml index 7dadb99209d..e04605511b8 100644 --- a/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/web-infra-dev_rspack.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["web-infra-dev/rspack/.github/workflows/reusable-build.yml", "*", "input.profile", "code-injection", "generated"] - ["web-infra-dev/rspack/.github/workflows/reusable-build.yml", "*", "input.target", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml b/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml index ca3cb0091e9..a77181e6c4e 100644 --- a/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/werf_werf.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["werf/werf/.github/workflows/_test_unit.yml", "*", "input.excludePackages", "code-injection", "generated"] - ["werf/werf/.github/workflows/_test_unit.yml", "*", "input.packages", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml b/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml index 6faf8b90057..6c90e29a43b 100644 --- a/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/widdix_aws-cf-templates.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["widdix/aws-cf-templates/.github/workflows/acceptance-test-run.yml", "*", "input.tests", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml b/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml index 39b6773a2b1..6bacbc181da 100644 --- a/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/wildfly_wildfly.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wildfly/wildfly/.github/workflows/shared-wildfly-build-and-test.yml", "*", "input.build-arguments", "code-injection", "generated"] - ["wildfly/wildfly/.github/workflows/shared-wildfly-build-and-test.yml", "*", "input.test-arguments", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml b/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml index cbbce950b41..83d438d4e3d 100644 --- a/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/yt-dlp_yt-dlp.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "input.target", "code-injection", "generated"] - ["yt-dlp/yt-dlp/.github/workflows/release.yml", "*", "input.source", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml b/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml index 48206551bcd..703a766cb4c 100644 --- a/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/zenml-io_zenml.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zenml-io/zenml/.github/workflows/publish_docker_image.yml", "*", "input.config_file", "code-injection", "generated"] - ["zenml-io/zenml/.github/workflows/integration-test-slow.yml", "*", "input.test_environment", "code-injection", "generated"] diff --git a/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml b/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml index 256ad3f0e04..ecb4c809efe 100644 --- a/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/zephyrproject-rtos_zephyr.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zephyrproject-rtos/zephyr/.github/workflows/ready-to-merge.yml", "*", "input.needs_context", "code-injection", "generated"] \ No newline at end of file diff --git a/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml b/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml index ae408b131e0..9b02577be7d 100644 --- a/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml +++ b/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zitadel/zitadel/.github/workflows/release.yml", "*", "input.image_name", "code-injection", "generated"] - ["zitadel/zitadel/.github/workflows/release.yml", "*", "input.build_image_name", "code-injection", "generated"] @@ -9,6 +9,6 @@ extensions: - ["zitadel/zitadel/.github/workflows/compile.yml", "*", "input.version", "code-injection", "generated"] - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["zitadel/zitadel/.github/workflows/container.yml", "*", "input.build_image_name", "output.build_image", "taint", "manual"] diff --git a/ql/lib/ext/getsentry_action-release.model.yml b/ql/lib/ext/getsentry_action-release.model.yml index c7e2cf41b3f..1ffc3df1c81 100644 --- a/ql/lib/ext/getsentry_action-release.model.yml +++ b/ql/lib/ext/getsentry_action-release.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["getsentry/action-release", "*", "input.version", "output.version", "taint", "manual"] - ["getsentry/action-release", "*", "input.version_prefix", "output.version", "taint", "manual"] diff --git a/ql/lib/ext/github_codeql-action.model.yml b/ql/lib/ext/github_codeql-action.model.yml index 781384a2fe1..53ed1840b0a 100644 --- a/ql/lib/ext/github_codeql-action.model.yml +++ b/ql/lib/ext/github_codeql-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["github/codeql-action", "*", "input.output", "output.sarif-output", "taint", "manual"] diff --git a/ql/lib/ext/go-semantic-release_action.model.yml b/ql/lib/ext/go-semantic-release_action.model.yml index 9036f199f42..17d2ed2e473 100644 --- a/ql/lib/ext/go-semantic-release_action.model.yml +++ b/ql/lib/ext/go-semantic-release_action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["go-semantic-release/action", "*", "input.bin", "command-injection", "manual"] diff --git a/ql/lib/ext/golangci_golangci-lint-action.model.yml b/ql/lib/ext/golangci_golangci-lint-action.model.yml index 7eee95dbcce..68c2552c350 100644 --- a/ql/lib/ext/golangci_golangci-lint-action.model.yml +++ b/ql/lib/ext/golangci_golangci-lint-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["golangci/golangci-lint-action", "*", "input.version", "command-injection", "manual"] diff --git a/ql/lib/ext/gonuit_heroku-docker-deploy.model.yml b/ql/lib/ext/gonuit_heroku-docker-deploy.model.yml index 4fe9e32ce52..977f6b98ae4 100644 --- a/ql/lib/ext/gonuit_heroku-docker-deploy.model.yml +++ b/ql/lib/ext/gonuit_heroku-docker-deploy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gonuit/heroku-docker-deploy", "*", "input.email", "command-injection", "manual"] - ["gonuit/heroku-docker-deploy", "*", "input.heroku_api_key", "command-injection", "manual"] diff --git a/ql/lib/ext/goreleaser_goreleaser-action.model.yml b/ql/lib/ext/goreleaser_goreleaser-action.model.yml index 0352ece87b5..616f7fdb9ca 100644 --- a/ql/lib/ext/goreleaser_goreleaser-action.model.yml +++ b/ql/lib/ext/goreleaser_goreleaser-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["goreleaser/goreleaser-action", "*", "input.args", "command-injection", "manual"] diff --git a/ql/lib/ext/gr2m_create-or-update-pull-request-action.model.yml b/ql/lib/ext/gr2m_create-or-update-pull-request-action.model.yml index 712f2ce3395..e4961ae5ed6 100644 --- a/ql/lib/ext/gr2m_create-or-update-pull-request-action.model.yml +++ b/ql/lib/ext/gr2m_create-or-update-pull-request-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["gr2m/create-or-update-pull-request-action", "*", "input.branch", "command-injection", "manual"] - ["gr2m/create-or-update-pull-request-action", "*", "input.path", "command-injection", "manual"] diff --git a/ql/lib/ext/gradle_gradle-build-action.model.yml b/ql/lib/ext/gradle_gradle-build-action.model.yml index 45c00c1c30e..19cce83c691 100644 --- a/ql/lib/ext/gradle_gradle-build-action.model.yml +++ b/ql/lib/ext/gradle_gradle-build-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["gradle/gradle-build-action", "*", "input.cache-encryption-key", "env.GRADLE_ENCRYPTION_KEY", "taint", "manual"] - ["gradle/gradle-build-action", "*", "input.build-scan-terms-of-service-agree", "env.BUILD_SCAN_TERMS_OF_SERVICE_AGREE", "taint", "manual"] diff --git a/ql/lib/ext/haya14busa_action-cond.model.yml b/ql/lib/ext/haya14busa_action-cond.model.yml index 8f05918155e..f838eeed0eb 100644 --- a/ql/lib/ext/haya14busa_action-cond.model.yml +++ b/ql/lib/ext/haya14busa_action-cond.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["haya14busa/action-cond", "*", "input.if_true", "output.value", "taint", "manual"] - ["haya14busa/action-cond", "*", "input.if_false", "output.value", "taint", "manual"] diff --git a/ql/lib/ext/hexlet_project-action.model.yml b/ql/lib/ext/hexlet_project-action.model.yml index 708c310c05f..48e5b05128f 100644 --- a/ql/lib/ext/hexlet_project-action.model.yml +++ b/ql/lib/ext/hexlet_project-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["hexlet/project-action", "*", "input.mount-path", "env.PWD", "taint", "manual"] diff --git a/ql/lib/ext/ilammy_msvc-dev-cmd.model.yml b/ql/lib/ext/ilammy_msvc-dev-cmd.model.yml index 76177635899..448997b3136 100644 --- a/ql/lib/ext/ilammy_msvc-dev-cmd.model.yml +++ b/ql/lib/ext/ilammy_msvc-dev-cmd.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ilammy/msvc-dev-cmd", "*", "input.vsversion", "command-injection", "manual"] - ["ilammy/msvc-dev-cmd", "*", "input.arch", "command-injection", "manual"] diff --git a/ql/lib/ext/ilammy_setup-nasm.model.yml b/ql/lib/ext/ilammy_setup-nasm.model.yml index 7106115c17a..13af446f37d 100644 --- a/ql/lib/ext/ilammy_setup-nasm.model.yml +++ b/ql/lib/ext/ilammy_setup-nasm.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ilammy/setup-nasm", "*", "input.version", "command-injection", "manual"] - ["ilammy/setup-nasm", "*", "input.destination", "command-injection", "manual"] diff --git a/ql/lib/ext/imjohnbo_issue-bot.model.yml b/ql/lib/ext/imjohnbo_issue-bot.model.yml index 366e5dd1766..39e1c9ef624 100644 --- a/ql/lib/ext/imjohnbo_issue-bot.model.yml +++ b/ql/lib/ext/imjohnbo_issue-bot.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["imjohnbo/issue-bot", "*", "input.body", "code-injection", "manual"] - ["imjohnbo/issue-bot", "*", "input.linked-comments-previous-issue-text", "code-injection", "manual"] diff --git a/ql/lib/ext/iterative_setup-cml.model.yml b/ql/lib/ext/iterative_setup-cml.model.yml index a469063fc50..a442ed5cd53 100644 --- a/ql/lib/ext/iterative_setup-cml.model.yml +++ b/ql/lib/ext/iterative_setup-cml.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["iterative/setup-cml", "*", "input.version", "command-injection", "manual"] diff --git a/ql/lib/ext/iterative_setup-dvc.model.yml b/ql/lib/ext/iterative_setup-dvc.model.yml index d0d5b57574b..a22fce01c45 100644 --- a/ql/lib/ext/iterative_setup-dvc.model.yml +++ b/ql/lib/ext/iterative_setup-dvc.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["iterative/setup-dvc", "*", "input.version", "command-injection", "manual"] diff --git a/ql/lib/ext/jamesives_github-pages-deploy-action.model.yml b/ql/lib/ext/jamesives_github-pages-deploy-action.model.yml index 3151e335d22..74a5c7d592c 100644 --- a/ql/lib/ext/jamesives_github-pages-deploy-action.model.yml +++ b/ql/lib/ext/jamesives_github-pages-deploy-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jamesives/github-pages-deploy-action", "*", "input.branch", "command-injection", "manual"] - ["jamesives/github-pages-deploy-action", "*", "input.commit-message", "command-injection", "manual"] diff --git a/ql/lib/ext/jitterbit_get-changed-files.model.yml b/ql/lib/ext/jitterbit_get-changed-files.model.yml index e74f953a1a1..e78dfb3b073 100644 --- a/ql/lib/ext/jitterbit_get-changed-files.model.yml +++ b/ql/lib/ext/jitterbit_get-changed-files.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["jitterbit/get-changed-files", "*", "output.all", "filename", "manual"] - ["jitterbit/get-changed-files", "*", "output.added", "filename", "manual"] diff --git a/ql/lib/ext/johnnymorganz_stylua-action.model.yml b/ql/lib/ext/johnnymorganz_stylua-action.model.yml index 0930fc246c3..29dac5cffea 100644 --- a/ql/lib/ext/johnnymorganz_stylua-action.model.yml +++ b/ql/lib/ext/johnnymorganz_stylua-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["johnnymorganz/stylua-action", "*", "input.args", "command-injection", "manual"] diff --git a/ql/lib/ext/jsdaniell_create-json.model.yml b/ql/lib/ext/jsdaniell_create-json.model.yml index 5b344799ad9..f2331633485 100644 --- a/ql/lib/ext/jsdaniell_create-json.model.yml +++ b/ql/lib/ext/jsdaniell_create-json.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["jsdaniell/create-json", "*", "input.name", "output.successfully", "taint", "manual"] - ["jsdaniell/create-json", "*", "input.json", "output.successfully", "taint", "manual"] diff --git a/ql/lib/ext/jurplel_install-qt-action.model.yml b/ql/lib/ext/jurplel_install-qt-action.model.yml index 5b6f1342fc4..e492f601278 100644 --- a/ql/lib/ext/jurplel_install-qt-action.model.yml +++ b/ql/lib/ext/jurplel_install-qt-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jurplel/install-qt-action", "*", "input.version", "command-injection", "manual"] - ["jurplel/install-qt-action", "*", "input.arch", "command-injection", "manual"] diff --git a/ql/lib/ext/jwalton_gh-ecr-push.model.yml b/ql/lib/ext/jwalton_gh-ecr-push.model.yml index b34833d85f3..a821b049232 100644 --- a/ql/lib/ext/jwalton_gh-ecr-push.model.yml +++ b/ql/lib/ext/jwalton_gh-ecr-push.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["jwalton/gh-ecr-push", "*", "input.image", "output.imageUrl", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["jwalton/gh-ecr-push", "*", "input.image", "command-injection", "manual"] - ["jwalton/gh-ecr-push", "*", "input.local-image", "command-injection", "manual"] diff --git a/ql/lib/ext/khan_pull-request-comment-trigger.model.yml b/ql/lib/ext/khan_pull-request-comment-trigger.model.yml index 9a58d9a764f..4f9f887caf1 100644 --- a/ql/lib/ext/khan_pull-request-comment-trigger.model.yml +++ b/ql/lib/ext/khan_pull-request-comment-trigger.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["khan/pull-request-comment-trigger", "*", "output.comment_body", "text", "manual"] - ["khan/pull-request-comment-trigger", "*", "output.comment_body", "text", "manual"] diff --git a/ql/lib/ext/larsoner_circleci-artifacts-redirector-action.model.yml b/ql/lib/ext/larsoner_circleci-artifacts-redirector-action.model.yml index 74ef5820cb7..365f3ac98f8 100644 --- a/ql/lib/ext/larsoner_circleci-artifacts-redirector-action.model.yml +++ b/ql/lib/ext/larsoner_circleci-artifacts-redirector-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["larsoner/circleci-artifacts-redirector-action", "*", "input.artifact-path", "output.url", "taint", "manual"] diff --git a/ql/lib/ext/leafo_gh-actions-lua.model.yml b/ql/lib/ext/leafo_gh-actions-lua.model.yml index e05a3afd63a..f42e8465533 100644 --- a/ql/lib/ext/leafo_gh-actions-lua.model.yml +++ b/ql/lib/ext/leafo_gh-actions-lua.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["leafo/gh-actions-lua", "*", "input.luaVersion", "command-injection", "manual"] - ["leafo/gh-actions-lua", "*", "input.luaCompileFlags", "command-injection", "manual"] diff --git a/ql/lib/ext/leafo_gh-actions-luarocks.model.yml b/ql/lib/ext/leafo_gh-actions-luarocks.model.yml index a96ad45d624..e21b5224166 100644 --- a/ql/lib/ext/leafo_gh-actions-luarocks.model.yml +++ b/ql/lib/ext/leafo_gh-actions-luarocks.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["leafo/gh-actions-luarocks", "*", "input.withLuaPath", "command-injection", "manual"] diff --git a/ql/lib/ext/lucasbento_auto-close-issues.model.yml b/ql/lib/ext/lucasbento_auto-close-issues.model.yml index a70e8facf7c..6c4a5931b98 100644 --- a/ql/lib/ext/lucasbento_auto-close-issues.model.yml +++ b/ql/lib/ext/lucasbento_auto-close-issues.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["lucasbento/auto-close-issues", "*", "input.issue-close-message", "code-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/mad9000_actions-find-and-replace-string.model.yml b/ql/lib/ext/mad9000_actions-find-and-replace-string.model.yml index 66280f8bdd6..c7e89697afb 100644 --- a/ql/lib/ext/mad9000_actions-find-and-replace-string.model.yml +++ b/ql/lib/ext/mad9000_actions-find-and-replace-string.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["mad9000/actions-find-and-replace-string", "*", "input.source", "output.value", "taint", "manual"] - ["mad9000/actions-find-and-replace-string", "*", "input.replace", "output.value", "taint", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/magefile_mage-action.model.yml b/ql/lib/ext/magefile_mage-action.model.yml index 65965daeb1d..aa849603836 100644 --- a/ql/lib/ext/magefile_mage-action.model.yml +++ b/ql/lib/ext/magefile_mage-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["magefile/mage-action", "*", "input.args", "command-injection", "manual"] diff --git a/ql/lib/ext/maierj_fastlane-action.model.yml b/ql/lib/ext/maierj_fastlane-action.model.yml index ba9a04f588b..ae869b6b531 100644 --- a/ql/lib/ext/maierj_fastlane-action.model.yml +++ b/ql/lib/ext/maierj_fastlane-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["maierj/fastlane-action", "*", "input.lane", "command-injection", "manual"] - ["maierj/fastlane-action", "*", "input.options", "command-injection", "manual"] diff --git a/ql/lib/ext/manusa_actions-setup-minikube.model.yml b/ql/lib/ext/manusa_actions-setup-minikube.model.yml index aea054e24b0..9f5801b79c0 100644 --- a/ql/lib/ext/manusa_actions-setup-minikube.model.yml +++ b/ql/lib/ext/manusa_actions-setup-minikube.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["manusa/actions-setup-minikube", "*", "input.kubernetes_version", "command-injection", "manual"] - ["manusa/actions-setup-minikube", "*", "input.driver", "command-injection", "manual"] diff --git a/ql/lib/ext/marocchino_on_artifact.model.yml b/ql/lib/ext/marocchino_on_artifact.model.yml index c8646cffe8e..a4a473b8efd 100644 --- a/ql/lib/ext/marocchino_on_artifact.model.yml +++ b/ql/lib/ext/marocchino_on_artifact.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["marocchino/on_artifact", "*", "output.*", "artifact", "manual"] diff --git a/ql/lib/ext/mattdavis0351_actions.model.yml b/ql/lib/ext/mattdavis0351_actions.model.yml index bb1c3ffca2a..10a03e4d186 100644 --- a/ql/lib/ext/mattdavis0351_actions.model.yml +++ b/ql/lib/ext/mattdavis0351_actions.model.yml @@ -1,13 +1,13 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["mattdavis0351/actions", "*", "input.image-name", "output.imageUrl", "taint", "manual"] - ["mattdavis0351/actions", "*", "input.tag", "output.imageUrl", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mattdavis0351/actions", "*", "input.repo-token", "command-injection", "manual"] - ["mattdavis0351/actions", "*", "input.dockerfile-location", "command-injection", "manual"] diff --git a/ql/lib/ext/meteorengineer_setup-meteor.model.yml b/ql/lib/ext/meteorengineer_setup-meteor.model.yml index d3bec5ea39d..9af82b985f3 100644 --- a/ql/lib/ext/meteorengineer_setup-meteor.model.yml +++ b/ql/lib/ext/meteorengineer_setup-meteor.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["meteorengineer/setup-meteor", "*", "input.meteor-release", "command-injection", "manual"] diff --git a/ql/lib/ext/metro-digital_setup-tools-for-waas.model.yml b/ql/lib/ext/metro-digital_setup-tools-for-waas.model.yml index c65527150b5..3b779d0b86d 100644 --- a/ql/lib/ext/metro-digital_setup-tools-for-waas.model.yml +++ b/ql/lib/ext/metro-digital_setup-tools-for-waas.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["metro-digital/setup-tools-for-waas", "*", "input.gcp_sa_key", "env.GCLOUD_PROJECT", "taint", "manual"] diff --git a/ql/lib/ext/microsoft_setup-msbuild.model.yml b/ql/lib/ext/microsoft_setup-msbuild.model.yml index 25565b445fc..6ad087730e4 100644 --- a/ql/lib/ext/microsoft_setup-msbuild.model.yml +++ b/ql/lib/ext/microsoft_setup-msbuild.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["microsoft/setup-msbuild", "*", "input.vs-version", "command-injection", "manual"] - ["microsoft/setup-msbuild", "*", "input.vswhere-path", "command-injection", "manual"] diff --git a/ql/lib/ext/mishakav_pytest-coverage-comment.model.yml b/ql/lib/ext/mishakav_pytest-coverage-comment.model.yml index d46a07dde96..fa9c1958352 100644 --- a/ql/lib/ext/mishakav_pytest-coverage-comment.model.yml +++ b/ql/lib/ext/mishakav_pytest-coverage-comment.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["mishakav/pytest-coverage-comment", "*", "input.multiple-files", "output.summaryReport", "taint", "manual"] diff --git a/ql/lib/ext/mr-smithers-excellent_docker-build-push.model.yml b/ql/lib/ext/mr-smithers-excellent_docker-build-push.model.yml index 2d162fbc914..6bfaffb2bba 100644 --- a/ql/lib/ext/mr-smithers-excellent_docker-build-push.model.yml +++ b/ql/lib/ext/mr-smithers-excellent_docker-build-push.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mr-smithers-excellent/docker-build-push", "*", "input.tags", "command-injection", "manual"] - ["mr-smithers-excellent/docker-build-push", "*", "input.buildArgs", "command-injection", "manual"] diff --git a/ql/lib/ext/msys2_setup-msys2.model.yml b/ql/lib/ext/msys2_setup-msys2.model.yml index fc91bacdb72..03fa8beaf0b 100644 --- a/ql/lib/ext/msys2_setup-msys2.model.yml +++ b/ql/lib/ext/msys2_setup-msys2.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["msys2/setup-msys2", "*", "input.install", "command-injection", "manual"] - ["msys2/setup-msys2", "*", "input.pacboy", "command-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/mxschmitt_action-tmate.model.yml b/ql/lib/ext/mxschmitt_action-tmate.model.yml index 8b2b4e79afa..a4ccaac2d2e 100644 --- a/ql/lib/ext/mxschmitt_action-tmate.model.yml +++ b/ql/lib/ext/mxschmitt_action-tmate.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mxschmitt/action-tmate", "*", "input.tmate-server-rsa-fingerprint", "command-injection", "manual"] - ["mxschmitt/action-tmate", "*", "input.tmate-server-ed25519-fingerprint", "command-injection", "manual"] diff --git a/ql/lib/ext/mymindstorm_setup-emsdk.model.yml b/ql/lib/ext/mymindstorm_setup-emsdk.model.yml index 2ea1fdf6855..7c32705dde5 100644 --- a/ql/lib/ext/mymindstorm_setup-emsdk.model.yml +++ b/ql/lib/ext/mymindstorm_setup-emsdk.model.yml @@ -1,12 +1,12 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["mymindstorm/setup-emsdk", "*", "input.actions-cache-folder", "env.EMSDK", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["mymindstorm/setup-emsdk", "*", "input.actions-cache-folder", "command-injection", "manual"] - ["mymindstorm/setup-emsdk", "*", "input.version", "command-injection", "manual"] diff --git a/ql/lib/ext/nanasess_setup-chromedriver.model.yml b/ql/lib/ext/nanasess_setup-chromedriver.model.yml index 21e0d819db7..902483f4399 100644 --- a/ql/lib/ext/nanasess_setup-chromedriver.model.yml +++ b/ql/lib/ext/nanasess_setup-chromedriver.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nanasess/setup-chromedriver", "*", "input.chromedriver-version", "command-injection", "manual"] diff --git a/ql/lib/ext/nanasess_setup-php.model.yml b/ql/lib/ext/nanasess_setup-php.model.yml index bcc8ce6b80d..be86a330b97 100644 --- a/ql/lib/ext/nanasess_setup-php.model.yml +++ b/ql/lib/ext/nanasess_setup-php.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nanasess/setup-php", "*", "input.php-version", "command-injection", "manual"] diff --git a/ql/lib/ext/nick-fields_retry.model.yml b/ql/lib/ext/nick-fields_retry.model.yml index 741ab37eb9b..0a6f7c34722 100644 --- a/ql/lib/ext/nick-fields_retry.model.yml +++ b/ql/lib/ext/nick-fields_retry.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["nick-fields/retry", "*", "input.on_retry_command", "command-injection", "manual"] - ["nick-fields/retry", "*", "input.new_command_on_retry", "command-injection", "manual"] diff --git a/ql/lib/ext/octokit_graphql-action.model.yml b/ql/lib/ext/octokit_graphql-action.model.yml index a9d6b80a627..613b3e0fc59 100644 --- a/ql/lib/ext/octokit_graphql-action.model.yml +++ b/ql/lib/ext/octokit_graphql-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["octokit/graphql-action", "*", "input.query", "request-forgery", "manual"] diff --git a/ql/lib/ext/octokit_request-action.model.yml b/ql/lib/ext/octokit_request-action.model.yml index 73d4df99af2..489d47ac71e 100644 --- a/ql/lib/ext/octokit_request-action.model.yml +++ b/ql/lib/ext/octokit_request-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["octokit/request-action", "*", "input.route", "request-forgery", "manual"] diff --git a/ql/lib/ext/olafurpg_setup-scala.model.yml b/ql/lib/ext/olafurpg_setup-scala.model.yml index fb6ae5102e1..4a98ecd4af1 100644 --- a/ql/lib/ext/olafurpg_setup-scala.model.yml +++ b/ql/lib/ext/olafurpg_setup-scala.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["olafurpg/setup-scala", "*", "input.jabba-version", "command-injection", "manual"] diff --git a/ql/lib/ext/paambaati_codeclimate-action.model.yml b/ql/lib/ext/paambaati_codeclimate-action.model.yml index 8b29e5c9988..57dc40ef6b8 100644 --- a/ql/lib/ext/paambaati_codeclimate-action.model.yml +++ b/ql/lib/ext/paambaati_codeclimate-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["paambaati/codeclimate-action", "*", "input.coverageCommand", "command-injection", "manual"] diff --git a/ql/lib/ext/peter-evans_create-pull-request.model.yml b/ql/lib/ext/peter-evans_create-pull-request.model.yml index 5a5cedcaca5..3b92f667ae9 100644 --- a/ql/lib/ext/peter-evans_create-pull-request.model.yml +++ b/ql/lib/ext/peter-evans_create-pull-request.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["peter-evans/create-pull-request", "*", "input.branch", "command-injection", "manual"] diff --git a/ql/lib/ext/peter-murray_issue-body-parser-action.model.yml b/ql/lib/ext/peter-murray_issue-body-parser-action.model.yml index d156d7da658..da8b02312ea 100644 --- a/ql/lib/ext/peter-murray_issue-body-parser-action.model.yml +++ b/ql/lib/ext/peter-murray_issue-body-parser-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["peter-murray/issue-body-parser-action", "*", "output.*", "text", "manual"] diff --git a/ql/lib/ext/plasmicapp_plasmic-action.model.yml b/ql/lib/ext/plasmicapp_plasmic-action.model.yml index 12d3f23f8fd..c06d13301d2 100644 --- a/ql/lib/ext/plasmicapp_plasmic-action.model.yml +++ b/ql/lib/ext/plasmicapp_plasmic-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["plasmicapp/plasmic-action", "*", "input.project_id", "command-injection", "manual"] - ["plasmicapp/plasmic-action", "*", "input.project_api_token", "command-injection", "manual"] diff --git a/ql/lib/ext/preactjs_compressed-size-action.model.yml b/ql/lib/ext/preactjs_compressed-size-action.model.yml index 30be564c42a..61935c36f7d 100644 --- a/ql/lib/ext/preactjs_compressed-size-action.model.yml +++ b/ql/lib/ext/preactjs_compressed-size-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["preactjs/compressed-size-action", "*", "input.build-script", "command-injection", "manual"] - ["preactjs/compressed-size-action", "*", "input.clean-script", "command-injection", "manual"] diff --git a/ql/lib/ext/py-actions_flake8.model.yml b/ql/lib/ext/py-actions_flake8.model.yml index 13d4cfeb814..89f61cedc42 100644 --- a/ql/lib/ext/py-actions_flake8.model.yml +++ b/ql/lib/ext/py-actions_flake8.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["py-actions/flake8", "*", "input.flake8-version", "command-injection", "manual"] - ["py-actions/flake8", "*", "input.plugins", "command-injection", "manual"] diff --git a/ql/lib/ext/py-actions_py-dependency-install.model.yml b/ql/lib/ext/py-actions_py-dependency-install.model.yml index 3043c9b30ec..1aabfc23fc4 100644 --- a/ql/lib/ext/py-actions_py-dependency-install.model.yml +++ b/ql/lib/ext/py-actions_py-dependency-install.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["py-actions/py-dependency-install", "*", "input.path", "command-injection", "manual"] diff --git a/ql/lib/ext/pyo3_maturin-action.model.yml b/ql/lib/ext/pyo3_maturin-action.model.yml index 29d51d1bfbb..d55fdbc3ea9 100644 --- a/ql/lib/ext/pyo3_maturin-action.model.yml +++ b/ql/lib/ext/pyo3_maturin-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["pyo3/maturin-action", "*", "input.before-script-linux", "command-injection", "manual"] - ["pyo3/maturin-action", "*", "input.target", "command-injection", "manual"] diff --git a/ql/lib/ext/reactivecircus_android-emulator-runner.model.yml b/ql/lib/ext/reactivecircus_android-emulator-runner.model.yml index 75a9650a92f..d01ac86d317 100644 --- a/ql/lib/ext/reactivecircus_android-emulator-runner.model.yml +++ b/ql/lib/ext/reactivecircus_android-emulator-runner.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["reactivecircus/android-emulator-runner", "*", "input.api-level", "command-injection", "manual"] - ["reactivecircus/android-emulator-runner", "*", "input.target", "command-injection", "manual"] diff --git a/ql/lib/ext/redhat-plumbers-in-action_download-artifact.model.yml b/ql/lib/ext/redhat-plumbers-in-action_download-artifact.model.yml index a85a4b466e2..bab76cbe27f 100644 --- a/ql/lib/ext/redhat-plumbers-in-action_download-artifact.model.yml +++ b/ql/lib/ext/redhat-plumbers-in-action_download-artifact.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["redhat-plumbers-in-action/download-artifact", "*", "output.*", "artifact", "manual"] diff --git a/ql/lib/ext/reggionick_s3-deploy.model.yml b/ql/lib/ext/reggionick_s3-deploy.model.yml index a0c4d6f7ec5..02ac5032c79 100644 --- a/ql/lib/ext/reggionick_s3-deploy.model.yml +++ b/ql/lib/ext/reggionick_s3-deploy.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["reggionick/s3-deploy", "*", "input.bucket", "command-injection", "manual"] - ["reggionick/s3-deploy", "*", "input.bucket-region", "command-injection", "manual"] diff --git a/ql/lib/ext/renovatebot_github-action.model.yml b/ql/lib/ext/renovatebot_github-action.model.yml index b5d4629003b..0c484d44549 100644 --- a/ql/lib/ext/renovatebot_github-action.model.yml +++ b/ql/lib/ext/renovatebot_github-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["renovatebot/github-action", "*", "input.renovate-image", "command-injection", "manual"] - ["renovatebot/github-action", "*", "input.renovate-version", "command-injection", "manual"] diff --git a/ql/lib/ext/roots_issue-closer-action.model.yml b/ql/lib/ext/roots_issue-closer-action.model.yml index 4b96edeccc2..c088c7a644e 100644 --- a/ql/lib/ext/roots_issue-closer-action.model.yml +++ b/ql/lib/ext/roots_issue-closer-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["roots/issue-closer-action", "*", "input.issue-close-message", "code-injection", "manual"] - ["roots/issue-closer-action", "*", "input.pr-close-message", "code-injection", "manual"] diff --git a/ql/lib/ext/ros-tooling_setup-ros.model.yml b/ql/lib/ext/ros-tooling_setup-ros.model.yml index ae3ef2e2b1b..5b22ac1f5fe 100644 --- a/ql/lib/ext/ros-tooling_setup-ros.model.yml +++ b/ql/lib/ext/ros-tooling_setup-ros.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ros-tooling/setup-ros", "*", "input.required-ros-distributions", "command-injection", "manual"] diff --git a/ql/lib/ext/ruby_setup-ruby.model.yml b/ql/lib/ext/ruby_setup-ruby.model.yml index 079dfc1fc02..3329a255e6f 100644 --- a/ql/lib/ext/ruby_setup-ruby.model.yml +++ b/ql/lib/ext/ruby_setup-ruby.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["ruby/setup-ruby", "*", "input.ruby-version", "output.ruby-prefix", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["ruby/setup-ruby", "*", "input.ruby-version", "command-injection", "manual"] diff --git a/ql/lib/ext/salsify_action-detect-and-tag-new-version.model.yml b/ql/lib/ext/salsify_action-detect-and-tag-new-version.model.yml index 19edd617c67..14a1cdeed86 100644 --- a/ql/lib/ext/salsify_action-detect-and-tag-new-version.model.yml +++ b/ql/lib/ext/salsify_action-detect-and-tag-new-version.model.yml @@ -1,11 +1,11 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["salsify/action-detect-and-tag-new-version", "*", "input.tag-template", "output.tag", "taint", "manual"] - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["salsify/action-detect-and-tag-new-version", "*", "input.version-command", "command-injection", "manual"] diff --git a/ql/lib/ext/sergeysova_jq-action.model.yml b/ql/lib/ext/sergeysova_jq-action.model.yml index 8ab1d090b1c..49931d93f88 100644 --- a/ql/lib/ext/sergeysova_jq-action.model.yml +++ b/ql/lib/ext/sergeysova_jq-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["sergeysova/jq-action", "*", "input.cmd", "code-injection", "manual"] diff --git a/ql/lib/ext/shallwefootball_upload-s3-action.model.yml b/ql/lib/ext/shallwefootball_upload-s3-action.model.yml index 9f8d987c0af..37d0014bcbb 100644 --- a/ql/lib/ext/shallwefootball_upload-s3-action.model.yml +++ b/ql/lib/ext/shallwefootball_upload-s3-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["shallwefootball/upload-s3-action", "*", "input.destination_dir", "output.object_key", "taint", "manual"] diff --git a/ql/lib/ext/shogo82148_actions-setup-perl.model.yml b/ql/lib/ext/shogo82148_actions-setup-perl.model.yml index 90a18103868..9058c9fb984 100644 --- a/ql/lib/ext/shogo82148_actions-setup-perl.model.yml +++ b/ql/lib/ext/shogo82148_actions-setup-perl.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["shogo82148/actions-setup-perl", "*", "input.working-directory", "env.PERL5LIB", "taint", "manual"] diff --git a/ql/lib/ext/skitionek_notify-microsoft-teams.model.yml b/ql/lib/ext/skitionek_notify-microsoft-teams.model.yml index fd484074f5c..713c5c61cea 100644 --- a/ql/lib/ext/skitionek_notify-microsoft-teams.model.yml +++ b/ql/lib/ext/skitionek_notify-microsoft-teams.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["skitionek/notify-microsoft-teams", "*", "input.overwrite", "code-injection", "manual"] \ No newline at end of file diff --git a/ql/lib/ext/snow-actions_eclint.model.yml b/ql/lib/ext/snow-actions_eclint.model.yml index 5caaea9562e..40b02283152 100644 --- a/ql/lib/ext/snow-actions_eclint.model.yml +++ b/ql/lib/ext/snow-actions_eclint.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["snow-actions/eclint", "*", "input.args", "command-injection", "manual"] diff --git a/ql/lib/ext/stackhawk_hawkscan-action.model.yml b/ql/lib/ext/stackhawk_hawkscan-action.model.yml index 9462b8d5bbd..c08505f9747 100644 --- a/ql/lib/ext/stackhawk_hawkscan-action.model.yml +++ b/ql/lib/ext/stackhawk_hawkscan-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["stackhawk/hawkscan-action", "*", "input.workspace", "command-injection", "manual"] - ["stackhawk/hawkscan-action", "*", "input.apiKey", "command-injection", "manual"] diff --git a/ql/lib/ext/step-security_harden-runner.model.yml b/ql/lib/ext/step-security_harden-runner.model.yml index 9b01987e1f2..6305fd33960 100644 --- a/ql/lib/ext/step-security_harden-runner.model.yml +++ b/ql/lib/ext/step-security_harden-runner.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["step-security/harden-runner", "*", "input.allowed-endpoints", "command-injection", "manual"] diff --git a/ql/lib/ext/suisei-cn_actions-download-file.model.yml b/ql/lib/ext/suisei-cn_actions-download-file.model.yml index 10a3630ea0b..73988096818 100644 --- a/ql/lib/ext/suisei-cn_actions-download-file.model.yml +++ b/ql/lib/ext/suisei-cn_actions-download-file.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["suisei-cn/actions-download-file", "*", "input.filename", "output.filename", "taint", "manual"] diff --git a/ql/lib/ext/tibdex_backport.model.yml b/ql/lib/ext/tibdex_backport.model.yml index aac20afddf5..ee9a0dbb32a 100644 --- a/ql/lib/ext/tibdex_backport.model.yml +++ b/ql/lib/ext/tibdex_backport.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tibdex/backport", "*", "input.body_template", "code-injection", "manual"] - ["tibdex/backport", "*", "input.head_template", "code-injection", "manual"] diff --git a/ql/lib/ext/timheuer_base64-to-file.model.yml b/ql/lib/ext/timheuer_base64-to-file.model.yml index 8dcabd1650a..f056cf5d864 100644 --- a/ql/lib/ext/timheuer_base64-to-file.model.yml +++ b/ql/lib/ext/timheuer_base64-to-file.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: summaryModel + extensible: actionsSummaryModel data: - ["timheuer/base64-to-file", "*", "input.fileName", "output.filePath", "taint", "manual"] - ["timheuer/base64-to-file", "*", "input.fileDir", "output.filePath", "taint", "manual"] diff --git a/ql/lib/ext/tj-actions_branch-names.model.yml b/ql/lib/ext/tj-actions_branch-names.model.yml index d98eda4e69f..838f0b30848 100644 --- a/ql/lib/ext/tj-actions_branch-names.model.yml +++ b/ql/lib/ext/tj-actions_branch-names.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: # https://github.com/tj-actions/branch-names - ["tj-actions/branch-names", "*", "output.current_branch", "branch", "manual"] diff --git a/ql/lib/ext/trilom_file-changes-action.model.yml b/ql/lib/ext/trilom_file-changes-action.model.yml index b8fb2514253..c215755f61d 100644 --- a/ql/lib/ext/trilom_file-changes-action.model.yml +++ b/ql/lib/ext/trilom_file-changes-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["trilom/file-changes-action", "*", "output.files", "filename", "manual"] - ["trilom/file-changes-action", "*", "output.files_added", "filename", "manual"] diff --git a/ql/lib/ext/tripss_conventional-changelog-action.model.yml b/ql/lib/ext/tripss_conventional-changelog-action.model.yml index ae166b1f515..014e779b29a 100644 --- a/ql/lib/ext/tripss_conventional-changelog-action.model.yml +++ b/ql/lib/ext/tripss_conventional-changelog-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tripss/conventional-changelog-action", "*", "input.pre-release-identifier", "command-injection", "manual"] - ["tripss/conventional-changelog-action", "*", "input.git-user-name", "command-injection", "manual"] diff --git a/ql/lib/ext/tryghost_action-deploy-theme.model.yml b/ql/lib/ext/tryghost_action-deploy-theme.model.yml index a6cc6884389..806c055529d 100644 --- a/ql/lib/ext/tryghost_action-deploy-theme.model.yml +++ b/ql/lib/ext/tryghost_action-deploy-theme.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["tryghost/action-deploy-theme", "*", "input.theme-name", "command-injection", "manual"] - ["tryghost/action-deploy-theme", "*", "input.exclude", "command-injection", "manual"] diff --git a/ql/lib/ext/tzkhan_pr-update-action.model.yml b/ql/lib/ext/tzkhan_pr-update-action.model.yml index 499161aafcb..d6e554a8709 100644 --- a/ql/lib/ext/tzkhan_pr-update-action.model.yml +++ b/ql/lib/ext/tzkhan_pr-update-action.model.yml @@ -1,6 +1,6 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["tzkhan/pr-update-action", "*", "output.headMatch", "branch", "manual"] diff --git a/ql/lib/ext/veracode_veracode-sca.model.yml b/ql/lib/ext/veracode_veracode-sca.model.yml index a352d6c9ff6..55d1531a770 100644 --- a/ql/lib/ext/veracode_veracode-sca.model.yml +++ b/ql/lib/ext/veracode_veracode-sca.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["veracode/veracode-sca", "*", "input.url", "command-injection", "manual"] - ["veracode/veracode-sca", "*", "input.path", "command-injection", "manual"] diff --git a/ql/lib/ext/wearerequired_lint-action.model.yml b/ql/lib/ext/wearerequired_lint-action.model.yml index 6ed71f18215..c52d62e204a 100644 --- a/ql/lib/ext/wearerequired_lint-action.model.yml +++ b/ql/lib/ext/wearerequired_lint-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["wearerequired/lint-action", "*", "input.git_name", "command-injection", "manual"] - ["wearerequired/lint-action", "*", "input.git_email", "command-injection", "manual"] diff --git a/ql/lib/ext/webfactory_ssh-agent.model.yml b/ql/lib/ext/webfactory_ssh-agent.model.yml index 5864c0d0ede..1e915194d96 100644 --- a/ql/lib/ext/webfactory_ssh-agent.model.yml +++ b/ql/lib/ext/webfactory_ssh-agent.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["webfactory/ssh-agent", "*", "input.ssh-agent-cmd", "command-injection", "manual"] - ["webfactory/ssh-agent", "*", "input.ssh-add-cmd", "command-injection", "manual"] diff --git a/ql/lib/ext/xt0rted_slash-command-action.model.yml b/ql/lib/ext/xt0rted_slash-command-action.model.yml index 173ecfc4222..1cc360c472d 100644 --- a/ql/lib/ext/xt0rted_slash-command-action.model.yml +++ b/ql/lib/ext/xt0rted_slash-command-action.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sourceModel + extensible: actionsSourceModel data: - ["xt0rted/slash-command-action", "*", "output.command-arguments", "text", "manual"] - ["xt0rted/slash-command-action", "*", "output.command-arguments", "text", "manual"] diff --git a/ql/lib/ext/zaproxy_action-baseline.model.yml b/ql/lib/ext/zaproxy_action-baseline.model.yml index 880b0d606da..cb7e0936cca 100644 --- a/ql/lib/ext/zaproxy_action-baseline.model.yml +++ b/ql/lib/ext/zaproxy_action-baseline.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zaproxy/action-baseline", "*", "input.docker_name", "command-injection", "manual"] - ["zaproxy/action-baseline", "*", "input.target", "command-injection", "manual"] diff --git a/ql/lib/ext/zaproxy_action-full-scan.model.yml b/ql/lib/ext/zaproxy_action-full-scan.model.yml index fd8172c6ca8..210c3365eda 100644 --- a/ql/lib/ext/zaproxy_action-full-scan.model.yml +++ b/ql/lib/ext/zaproxy_action-full-scan.model.yml @@ -1,7 +1,7 @@ extensions: - addsTo: pack: githubsecuritylab/actions-all - extensible: sinkModel + extensible: actionsSinkModel data: - ["zaproxy/action-full-scan", "*", "input.docker_name", "command-injection", "manual"] - ["zaproxy/action-full-scan", "*", "input.target", "command-injection", "manual"] diff --git a/ql/lib/qlpack.gbo b/ql/lib/qlpack.gbo deleted file mode 100644 index c77f7924c12..00000000000 --- a/ql/lib/qlpack.gbo +++ /dev/null @@ -1,13 +0,0 @@ ---- -warnOnImplicitThis: false -name: seclab/actions-all -version: 0.0.1-dev -groups: actions -extractor: actions -library: true -tests: test -dependencies: - codeql/javascript-all: ^0.8.7 - "codeql/controlflow": "*" - "codeql/dataflow": "*" - "codeql/ssa": "*" diff --git a/ql/lib/qlpack.yml b/ql/lib/qlpack.yml index 9acfb3035a4..f898f18a295 100644 --- a/ql/lib/qlpack.yml +++ b/ql/lib/qlpack.yml @@ -4,14 +4,13 @@ warnOnImplicitThis: true name: githubsecuritylab/actions-all version: 0.0.32 dependencies: - codeql/util: ^0.2.0 - codeql/yaml: ^0.1.2 - codeql/controlflow: ^0.1.0 - codeql/dataflow: ^0.1.0 -dbscheme: yaml.dbscheme -extractor: yaml -groups: - - yaml + codeql/javascript-all: '*' + codeql/util: '*' + codeql/yaml: '*' + codeql/controlflow: '*' + codeql/dataflow: '*' +extractor: javascript +groups: javascript dataExtensions: - ext/*.model.yml - ext/**/*.model.yml diff --git a/ql/lib/yaml.dbscheme b/ql/lib/yaml.dbscheme deleted file mode 100644 index 20d83c71ee6..00000000000 --- a/ql/lib/yaml.dbscheme +++ /dev/null @@ -1,80 +0,0 @@ -/*- YAML -*/ - -#keyset[parent, idx] -yaml (unique int id: @yaml_node, - int kind: int ref, - int parent: @yaml_node_parent ref, - int idx: int ref, - string tag: string ref, - string tostring: string ref); - -case @yaml_node.kind of - 0 = @yaml_scalar_node -| 1 = @yaml_mapping_node -| 2 = @yaml_sequence_node -| 3 = @yaml_alias_node -; - -@yaml_collection_node = @yaml_mapping_node | @yaml_sequence_node; - -@yaml_node_parent = @yaml_collection_node | @file; - -yaml_anchors (unique int node: @yaml_node ref, - string anchor: string ref); - -yaml_aliases (unique int alias: @yaml_alias_node ref, - string target: string ref); - -yaml_scalars (unique int scalar: @yaml_scalar_node ref, - int style: int ref, - string value: string ref); - -yaml_errors (unique int id: @yaml_error, - string message: string ref); - -yaml_locations(unique int locatable: @yaml_locatable ref, - int location: @location_default ref); - -@yaml_locatable = @yaml_node | @yaml_error; - -/*- Files and folders -*/ - -/** - * The location of an element. - * The location spans column `startcolumn` of line `startline` to - * column `endcolumn` of line `endline` in file `file`. - * For more information, see - * [Locations](https://codeql.github.com/docs/writing-codeql-queries/providing-locations-in-codeql-queries/). - */ -locations_default( - unique int id: @location_default, - int file: @file ref, - int beginLine: int ref, - int beginColumn: int ref, - int endLine: int ref, - int endColumn: int ref -); - -files( - unique int id: @file, - string name: string ref -); - -folders( - unique int id: @folder, - string name: string ref -); - -@container = @file | @folder - -containerparent( - int parent: @container ref, - unique int child: @container ref -); - -/*- Source location prefix -*/ - -/** - * The source location of the snapshot. - */ -sourceLocationPrefix(string prefix : string ref); diff --git a/ql/lib/yaml.dbscheme.stats b/ql/lib/yaml.dbscheme.stats deleted file mode 100644 index 1c35ae98402..00000000000 --- a/ql/lib/yaml.dbscheme.stats +++ /dev/null @@ -1,4 +0,0 @@ - - - - \ No newline at end of file diff --git a/ql/src/codeql-pack.lock.yml b/ql/src/codeql-pack.lock.yml index 84a6ccba26d..ce7000fc1b9 100644 --- a/ql/src/codeql-pack.lock.yml +++ b/ql/src/codeql-pack.lock.yml @@ -5,8 +5,14 @@ dependencies: version: 0.1.8 codeql/dataflow: version: 0.1.8 + codeql/javascript-all: + version: 0.5.2 + codeql/regex: + version: 0.0.10 codeql/ssa: version: 0.2.8 + codeql/tutorial: + version: 0.0.7 codeql/typetracking: version: 0.2.8 codeql/util: diff --git a/ql/src/qlpack.yml b/ql/src/qlpack.yml index 5637bef68a0..4192be6a4ca 100644 --- a/ql/src/qlpack.yml +++ b/ql/src/qlpack.yml @@ -2,12 +2,11 @@ library: false name: githubsecuritylab/actions-queries version: 0.0.32 -groups: - - actions - - queries +groups: [actions, queries] suites: codeql-suites -extractor: yaml +extractor: javascript defaultSuiteFile: codeql-suites/actions-code-scanning.qls dependencies: + codeql/javascript-all: '*' githubsecuritylab/actions-all: ${workspace} warnOnImplicitThis: true diff --git a/ql/test/codeql-pack.lock.yml b/ql/test/codeql-pack.lock.yml index 84a6ccba26d..ce7000fc1b9 100644 --- a/ql/test/codeql-pack.lock.yml +++ b/ql/test/codeql-pack.lock.yml @@ -5,8 +5,14 @@ dependencies: version: 0.1.8 codeql/dataflow: version: 0.1.8 + codeql/javascript-all: + version: 0.5.2 + codeql/regex: + version: 0.0.10 codeql/ssa: version: 0.2.8 + codeql/tutorial: + version: 0.0.7 codeql/typetracking: version: 0.2.8 codeql/util: diff --git a/ql/test/library-tests/test.ql b/ql/test/library-tests/test.ql index e3304b4fe72..80ebd80b4c2 100644 --- a/ql/test/library-tests/test.ql +++ b/ql/test/library-tests/test.ql @@ -50,13 +50,13 @@ query predicate nodeLocations(DataFlow::Node n, Location l) { n.getLocation() = query predicate scopes(Cfg::CfgScope c) { any() } query predicate sources(string action, string version, string output, string kind, string provenance) { - sourceModel(action, version, output, kind, provenance) + actionsSourceModel(action, version, output, kind, provenance) } query predicate summaries( string action, string version, string input, string output, string kind, string provenance ) { - summaryModel(action, version, input, output, kind, provenance) + actionsSummaryModel(action, version, input, output, kind, provenance) } query predicate calls(DataFlow::CallNode call, string callee) { callee = call.getCallee() } diff --git a/ql/test/qlpack.yml b/ql/test/qlpack.yml index d85fc698394..1676d742d37 100644 --- a/ql/test/qlpack.yml +++ b/ql/test/qlpack.yml @@ -1,12 +1,10 @@ --- name: githubsecuritylab/actions-tests -groups: - - actions - - test +groups: [javascript, test] dependencies: githubsecuritylab/actions-all: ${workspace} githubsecuritylab/actions-queries: ${workspace} -extractor: yaml +extractor: javascript tests: . warnOnImplicitThis: true