Commit Graph

371 Commits

Author SHA1 Message Date
Alvaro Muñoz
0456dcdc8f Merge pull request #38 from github/expr_trigger_mapping
Ensure event sources are available for triggering events
2024-05-17 11:25:14 +02:00
Alvaro Muñoz
47a66e1075 Add TODO 2024-05-16 21:43:00 +02:00
Alvaro Muñoz
f325d40a22 Ensure event sources are available for triggering events 2024-05-16 15:55:12 +02:00
Alvaro Muñoz
1b4246e7f1 Update tests for cache poisoning 2024-05-16 11:32:21 +02:00
Alvaro Muñoz
446765bcbb Update Cache Poisoning rule 2024-05-15 22:08:03 +02:00
Alvaro Muñoz
731889bf88 Bump qlpack versions 2024-05-15 21:29:51 +02:00
Alvaro Muñoz
d15dc68e43 Merge pull request #35 from github/default_branch_name 2024-05-15 17:57:25 +02:00
Alvaro Muñoz
d5e679a340 Merge pull request #36 from github/JarLob-patch-1 2024-05-15 17:52:00 +02:00
Jaroslav Lobačevski
6f87b75504 Update test.yml 2024-05-15 17:44:16 +02:00
Jaroslav Lobačevski
00052d1ea1 exists 2024-05-15 15:37:57 +00:00
Jaroslav Lobačevski
17a6d28e18 Fix OR 2024-05-15 15:37:17 +00:00
Jaroslav Lobačevski
11edff936b Fix tests 2024-05-15 15:27:59 +00:00
Jaroslav Lobačevski
1a4939a13b Apply suggestions from code review
Co-authored-by: Alvaro Muñoz <pwntester@github.com>
2024-05-15 16:19:58 +02:00
Alvaro Muñoz
f09e79a79b Merge pull request #33 from github/fix_32
Add context paths containing tainted fields
2024-05-15 16:00:22 +02:00
Jaroslav Lobačevski
a2503dd14b fix default_branch_name visibility 2024-05-15 10:22:40 +00:00
Jaroslav Lobačevski
cae29e0abe temporary fix 2024-05-15 10:03:17 +00:00
Jaroslav Lobačevski
f38af29f80 Fix array 2024-05-15 09:36:18 +00:00
Jaroslav Lobačevski
6e8fc89034 Add default branch name check 2024-05-15 09:29:24 +00:00
Alvaro Muñoz
7a66b12437 add tests 2024-05-14 22:33:50 +02:00
Alvaro Muñoz
30d0b9d133 Add context paths containing tainted fields 2024-05-14 22:07:49 +02:00
Alvaro Muñoz
3120d4b328 Merge branch 'master' of https://github.com/github/codeql-actions 2024-05-14 15:38:48 +02:00
Alvaro Muñoz
33b3fc67c7 Merge pull request #30 from github/peter_murray_issue-body-parser-action_model
Add missing source for peter-murray/issue-body-parser-action
2024-05-14 15:38:18 +02:00
Alvaro Muñoz
67c964808b Merge pull request #29 from github/toctou_queries
TOCTOU queries
2024-05-14 15:36:18 +02:00
Alvaro Muñoz
f96b9cc535 Update tests 2024-05-14 15:35:13 +02:00
Alvaro Muñoz
ca59423c8a Bump qlpack versions 2024-05-14 15:32:40 +02:00
Alvaro Muñoz
ff2cfa568d Merge pull request #31 from github/branch_deploy_head_source
Treat branch-deploy action as a source of HEAD ref for untrusted checkouts
2024-05-14 15:30:11 +02:00
Alvaro Muñoz
a0939bb0a3 Bump qlpack versions 2024-05-14 15:29:45 +02:00
Alvaro Muñoz
0473c3824f Treat branch-deploy action as a source of HEAD ref for untrusted checkouts 2024-05-14 11:38:39 +02:00
Alvaro Muñoz
00f77ca9ec Add missing source for peter-murray/issue-body-parser-action 2024-05-14 11:36:43 +02:00
Alvaro Muñoz
73fbd2311b Improper access check queries and tests 2024-05-14 10:20:04 +02:00
Alvaro Muñoz
7c295e011a TOCTOU queries and tests 2024-05-14 10:19:27 +02:00
Alvaro Muñoz
b4096e0201 Refactor control checks 2024-05-14 09:56:23 +02:00
Alvaro Muñoz
60769f1671 Bump qlpack versions 2024-05-13 16:26:53 +02:00
Alvaro Muñoz
54d103ffe4 Merge pull request #28 from github/feat/matrix_expressions
Resolve Matrix expressions to their possible values
2024-05-13 16:25:52 +02:00
Alvaro Muñoz
cee0389d6e Update SelfHostedQuery.qll
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
2024-05-13 15:33:28 +02:00
Alvaro Muñoz
a1efc78ac7 Refactor regexps 2024-05-13 13:47:01 +02:00
Alvaro Muñoz
9ee9314cb9 Resolve conflicts after rebasing 2024-05-13 10:37:42 +02:00
Alvaro Muñoz
9310150fb0 Resolve conflict 2024-05-13 09:20:45 +02:00
Alvaro Muñoz
b2d7c823b3 Merge pull request #25 from github/support_trigger_events
New `On` and `Event` classes
2024-05-13 09:18:53 +02:00
Alvaro Muñoz
510cefecbe Remove debug left-overs 2024-05-10 14:59:12 +02:00
Alvaro Muñoz
e0d147f39a Add On and Event AST nodes
Capture information about trigger events on the new On and Event classes
2024-05-10 14:13:44 +02:00
Alvaro Muñoz
8590a0ba8f Refactor runOnDefaultBranch 2024-05-10 14:12:54 +02:00
Alvaro Muñoz
4d61204404 New tests 2024-05-10 14:12:25 +02:00
Alvaro Muñoz
a30c2aa5de Update PoisonableSteps 2024-05-09 23:32:21 +02:00
Alvaro Muñoz
3b684d8c94 Merge pull request #19 from github/cache_poisoning_actions
Fix error in select
2024-05-08 22:44:57 +02:00
Alvaro Muñoz
eb4eb4e931 Merge branch 'master' into cache_poisoning_actions 2024-05-08 22:43:22 +02:00
Alvaro Muñoz
d6fb0ae84e Update tests 2024-05-08 22:41:05 +02:00
Alvaro Muñoz
ad45d319c5 Resolve conflict 2024-05-08 22:37:22 +02:00
Alvaro Muñoz
1ea0312f36 Bump qlpack versions 2024-05-08 22:35:25 +02:00
Alvaro Muñoz
d2e9411e12 Update and new tests 2024-05-08 22:35:17 +02:00