hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-08 20:20:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
206 Commits 1,679 Branches 157 Tags
0051914245f5f4e210e6bf06edff609d032ccb46
Commit Graph

126 Commits

Author SHA1 Message Date
Alvaro Muñoz
31a1ea9593 Improve envvar injection 2024-04-08 17:12:00 +02:00
Alvaro Muñoz
45a51a9f74 Bump qlpack versions 2024-04-08 12:55:24 +02:00
Alvaro Muñoz
56d2d8ec10 Update test results 2024-04-08 12:54:30 +02:00
Alvaro Muñoz
2651e5a673 Improve Artifact poisoning related queries 2024-04-08 12:52:10 +02:00
Alvaro Muñoz
3209378f45 Remove TODO 2024-04-05 14:25:25 +02:00
Alvaro Muñoz
28ccf4fa68 Improve Artifact Poisoning query 2024-04-05 09:18:01 +02:00
Alvaro Muñoz
ce5928c6ba Bump qlpack versions 2024-04-03 15:43:43 +02:00
Alvaro Muñoz
f7ddd8b769 Include problem queries in actions-all suite 2024-04-03 15:39:50 +02:00
Alvaro Muñoz
2988bc8885 Centralize isPrivileged decisions 2024-04-03 15:39:00 +02:00
Alvaro Muñoz
119c7b8158 Bump qlpack versions 2024-04-03 11:41:42 +02:00
Alvaro Muñoz
9c90db3f83 Merge pull request #41 from GitHubSecurityLab/env_injection 
New Artifact Poisoning and EnvVar Injection queries
 2024-04-03 11:39:56 +02:00
Alvaro Muñoz
a2bbf704ee fix: triggering events for artifact poisoning 2024-04-03 11:39:35 +02:00
Alvaro Muñoz
2a1226c37a Add workflow_dispatch to the triggers for artifact poisoning 2024-04-02 12:54:42 +02:00
Alvaro Muñoz
152d29da38 Add Artifact poisoning and Env Injection queries 2024-04-01 18:53:37 +02:00
Alvaro Muñoz
cc16318a90 Make new trilom source compliant with new sources 2024-04-01 10:56:03 +02:00
Alvaro Muñoz
9807cf87d5 resolve conflicts 2024-04-01 10:52:46 +02:00
Alvaro Muñoz
bdfd46111f Only triggered on non-pull_request events 2024-04-01 10:51:26 +02:00
Alvaro Muñoz
822e9bcaab env var injection query 2024-03-23 21:55:54 +01:00
Alvaro Muñoz
2ed3aceddf feat(sources): Do not take triggers into consideration 2024-03-22 13:32:29 +01:00
Alvaro Muñoz
9d5b026fde Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-03-21 14:21:30 +01:00
Alvaro Muñoz
06747cd98b Add tests for untrusted checkouts in workflow_run triggered workflows 2024-03-21 14:19:46 +01:00
Alvaro Muñoz
9683ae35bc Add tests 2024-03-18 13:04:57 +01:00
Alvaro Muñoz
8023a527a4 fix(untrusted_co): Do not report Reusable workflows called from pull_request 2024-03-18 13:02:11 +01:00
Alvaro Muñoz
8906bd9635 Bump versions 2024-03-18 11:00:22 +01:00
Jorge
e0bbb66be4 Try to fix actions-all suite 2024-03-15 15:11:21 +01:00
Alvaro Muñoz
d9e589c6e7 Remove unnecessary boundary anchors 2024-03-15 13:58:46 +01:00
Alvaro Muñoz
6cb15f06bc fix(fn): Apply json wrappers to source regexps 2024-03-15 13:54:21 +01:00
Alvaro Muñoz
01d8d79e6d Bump versions 2024-03-15 13:34:12 +01:00
Alvaro Muñoz
169e57e874 Refactor queries 2024-03-15 11:10:41 +01:00
Alvaro Muñoz
92dbceb507 boost pack versions 2024-03-15 10:19:08 +01:00
Alvaro Muñoz
46afa9c1f3 Add new tests 2024-03-14 22:41:01 +01:00
Alvaro Muñoz
f251783c26 Apply suggestions from code review 
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
 2024-03-14 21:52:22 +01:00
Alvaro Muñoz
d21d453d1c Split queries 2024-03-14 21:52:22 +01:00
jorgectf
d26ead7c3b Add security sinks 2024-03-14 21:52:22 +01:00
Jorge
1e64b18212 Add suite that runs all queries 2024-03-14 19:09:22 +01:00
Alvaro Muñoz
5130135df0 fix(stepsExpression): allow steps from a composite action to communicate 2024-03-14 16:14:55 +01:00
Alvaro Muñoz
778d8978b0 DF support for untrusted checkout query 2024-03-14 13:55:10 +01:00
Alvaro Muñoz
22d0600da8 Support more PR head checkouts 2024-03-14 13:28:39 +01:00
Alvaro Muñoz
d12b24886f Merge branch 'untrusted_co' of https://github.com/GitHubSecurityLab/codeql-actions into untrusted_co 2024-03-14 12:58:56 +01:00
Alvaro Muñoz
35df9519e1 Support more untrusted checkout cases 2024-03-14 12:58:47 +01:00
Alvaro Muñoz
9ca1ac5bb9 Fix expression regexp 2024-03-14 12:58:02 +01:00
Alvaro Muñoz
3150f24d3f Update tests and fix regexp 2024-03-14 12:21:16 +01:00
Alvaro Muñoz
7160f08222 Update ql/test/query-tests/Security/CWE-829/.github/workflows/auto_ci.yml 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 12:03:40 +01:00
Alvaro Muñoz
03277cc24b Add test for self-referencing jobs 2024-03-14 11:58:44 +01:00
Alvaro Muñoz
8e2c1a4f4e Expose predicates to check local flow 2024-03-14 11:58:07 +01:00
Alvaro Muñoz
3e2dffce8b Rename ContextExpression to SimpleReferenceExpression 2024-03-14 11:57:43 +01:00
Alvaro Muñoz
e726f9fff1 Apply suggestions from code review 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 09:24:32 +01:00
Alvaro Muñoz
aa37339deb Apply suggestions from code review 2024-03-14 09:22:40 +01:00
Alvaro Muñoz
fe1bf58ae5 Apply suggestions from code review 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 09:22:05 +01:00
Alvaro Muñoz
872b1f88f0 More regexp improvements 2024-03-13 22:47:19 +01:00