hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 14:36:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
223 Commits 1,711 Branches 163 Tags
29cef4fd7358cf329d111cd616cff2611b59097c
Commit Graph

223 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
29cef4fd73 Bump qlpack versions 2024-04-11 16:24:51 +02:00
Alvaro Muñoz
841499eeb0 Improve privleged workflow detection 2024-04-11 16:23:51 +02:00
Alvaro Muñoz
ed70ef0307 Make Artifact poisoning query a path problem 2024-04-11 15:46:49 +02:00
Alvaro Muñoz
b761565dcf Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-04-11 15:18:19 +02:00
Alvaro Muñoz
1b2e02df64 Add support for multiline assigments 2024-04-11 15:18:09 +02:00
Alvaro Muñoz
4f0ec73307 Merge pull request #46 from GitHubSecurityLab/ca-rw-sinks 
Add models for composite actions and reusable workflows sinks
 2024-04-11 12:02:01 +02:00
jorgectf
6c245605a7 Discard already-modeled sinks 2024-04-11 11:26:45 +02:00
jorgectf
83f9527cc4 Add models for reusable workflows sinks 2024-04-11 11:25:54 +02:00
jorgectf
ae84303fac Add models for composite actions sinks 2024-04-11 11:25:23 +02:00
jorgectf
5a12a2213b Add provenance to existing models 2024-04-11 11:24:42 +02:00
jorgectf
c373238fa6 Add subfolders to dataExtensions 2024-04-11 11:23:53 +02:00
jorgectf
c56f220b13 Add provenance field 2024-04-11 11:23:28 +02:00
jorgectf
a817a22cc7 Remove redundant import 2024-04-11 11:22:36 +02:00
jorgectf
0051914245 Add .cache to gitignore 2024-04-11 11:21:59 +02:00
Alvaro Muñoz
8d2b8be133 Add github.event as a source 2024-04-10 22:32:49 +02:00
Alvaro Muñoz
5968da87bb Bump qlpack versions 2024-04-08 18:53:39 +02:00
Alvaro Muñoz
58b21d4684 Improve assignments to GITHUB ENVARS detection 2024-04-08 18:52:13 +02:00
Alvaro Muñoz
ae5b8bc0ac Bump qlpack versions 2024-04-08 17:12:45 +02:00
Alvaro Muñoz
31a1ea9593 Improve envvar injection 2024-04-08 17:12:00 +02:00
Alvaro Muñoz
45a51a9f74 Bump qlpack versions 2024-04-08 12:55:24 +02:00
Alvaro Muñoz
56d2d8ec10 Update test results 2024-04-08 12:54:30 +02:00
Alvaro Muñoz
5d81c4d69e Merge pull request #45 from GitHubSecurityLab/artifact_posining 
Improve Artifact Poisoning query
 2024-04-08 12:53:35 +02:00
Alvaro Muñoz
2651e5a673 Improve Artifact poisoning related queries 2024-04-08 12:52:10 +02:00
Alvaro Muñoz
3209378f45 Remove TODO 2024-04-05 14:25:25 +02:00
Alvaro Muñoz
28ccf4fa68 Improve Artifact Poisoning query 2024-04-05 09:18:01 +02:00
Alvaro Muñoz
ce5928c6ba Bump qlpack versions 2024-04-03 15:43:43 +02:00
Alvaro Muñoz
73878ed3cd Merge pull request #42 from GitHubSecurityLab/priv_workflows 
priv workflows
 2024-04-03 15:41:04 +02:00
Alvaro Muñoz
f7ddd8b769 Include problem queries in actions-all suite 2024-04-03 15:39:50 +02:00
Alvaro Muñoz
2988bc8885 Centralize isPrivileged decisions 2024-04-03 15:39:00 +02:00
Alvaro Muñoz
119c7b8158 Bump qlpack versions 2024-04-03 11:41:42 +02:00
Alvaro Muñoz
9c90db3f83 Merge pull request #41 from GitHubSecurityLab/env_injection 
New Artifact Poisoning and EnvVar Injection queries
 2024-04-03 11:39:56 +02:00
Alvaro Muñoz
a2bbf704ee fix: triggering events for artifact poisoning 2024-04-03 11:39:35 +02:00
Alvaro Muñoz
2a1226c37a Add workflow_dispatch to the triggers for artifact poisoning 2024-04-02 12:54:42 +02:00
Alvaro Muñoz
152d29da38 Add Artifact poisoning and Env Injection queries 2024-04-01 18:53:37 +02:00
Alvaro Muñoz
c7b3148af6 Merge pull request #39 from GitHubSecurityLab/new_sources 
feat(sources): New sources
 2024-04-01 10:56:45 +02:00
Alvaro Muñoz
cc16318a90 Make new trilom source compliant with new sources 2024-04-01 10:56:03 +02:00
Alvaro Muñoz
ee81a87428 resolve conflicts 2024-04-01 10:54:02 +02:00
Alvaro Muñoz
9807cf87d5 resolve conflicts 2024-04-01 10:52:46 +02:00
Alvaro Muñoz
bdfd46111f Only triggered on non-pull_request events 2024-04-01 10:51:26 +02:00
Alvaro Muñoz
822e9bcaab env var injection query 2024-03-23 21:55:54 +01:00
Alvaro Muñoz
ff3759eca8 Merge pull request #40 from GitHubSecurityLab/refactor_source_checks 
feat(sources): Do not take triggers into consideration
 2024-03-23 21:42:19 +01:00
Alvaro Muñoz
2ed3aceddf feat(sources): Do not take triggers into consideration 2024-03-22 13:32:29 +01:00
Alvaro Muñoz
9d5b026fde Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-03-21 14:21:30 +01:00
Alvaro Muñoz
06747cd98b Add tests for untrusted checkouts in workflow_run triggered workflows 2024-03-21 14:19:46 +01:00
Alvaro Muñoz
b6a097caa4 Merge pull request #38 from GitHubSecurityLab/improve_untrusted_co 2024-03-18 14:36:42 +01:00
Alvaro Muñoz
874e45e3e5 feat(sources): New sources 
This PR also adds the ability to not limit a source to a trigger event
 2024-03-18 13:22:53 +01:00
Alvaro Muñoz
9683ae35bc Add tests 2024-03-18 13:04:57 +01:00
Alvaro Muñoz
8023a527a4 fix(untrusted_co): Do not report Reusable workflows called from pull_request 2024-03-18 13:02:11 +01:00
Alvaro Muñoz
0a2be55507 Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-03-18 11:00:30 +01:00
Alvaro Muñoz
8906bd9635 Bump versions 2024-03-18 11:00:22 +01:00