hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
86,340 Commits 1,741 Branches 165 Tags
69ed88bccd4e1e52f4e6ffdf6c7f48940ec4c4fc
Commit Graph

187 Commits

Author SHA1 Message Date
Dave Bartolomeo
74619d49b3 Update precision and severity for unpinned-tag 
This ensures that it will be in `security-extended`, but not the default suite.
 2025-02-06 11:33:17 -05:00
Dave Bartolomeo
81ff4dd81c Update severity for excessive-secrets-exposure 
This ensures that it will remain in the default suite.
 2025-02-06 11:32:32 -05:00
Dave Bartolomeo
d7259c17db Add security tag for missing-actions-permissions 
This ensures that it will remain in the default suite.
 2025-02-06 11:31:36 -05:00
Dave Bartolomeo
909de5280c Update severity and precision of a few injection queries 
These will wind up in `security-extended`, when previously they were not in any of the standard suites.
 2025-02-06 11:30:43 -05:00
Dave Bartolomeo
604dbfd0d0 Actions: Move experimental to experimental directory 
This is consistent with how other languages manage experimental queries. I've left the `experimental` tags in place.
 2025-02-06 10:54:25 -05:00
Remco Vermeulen
9894e9ef9f Add CCR suites 2025-02-05 01:58:34 +00:00
github-actions[bot]
f1b05a79a4 Post-release preparation for codeql-cli-2.20.4 2025-02-04 09:25:09 +00:00
github-actions[bot]
573e53e454 Release preparation for version 2.20.4 2025-02-03 15:19:35 +00:00
github-actions[bot]
fbb7f0a0c6 Post-release preparation for codeql-cli-2.20.2 2025-01-20 21:11:14 +00:00
github-actions[bot]
a0512a50f2 Release preparation for version 2.20.2 2025-01-20 21:11:12 +00:00
docs-bot
8b5bed1a46 Add actions-security-experimental.qls 2025-01-17 09:47:44 -05:00
Chad Bentz
f413c4f467 Remove codeql config references from query doc 2025-01-09 19:32:06 -05:00
Chad Bentz
26074bb7fe Make docs less verbose regarding codeql config + enhance changlog to highlight extensibility 2025-01-09 19:30:02 -05:00
Chad Bentz
b144c2f597 Merge branch 'github:main' into felickz/actions-trusted-owner-data-extensions 2025-01-09 15:07:49 -05:00
Chad Bentz
6b3098d26c Add configuration instructions for trusted Action publishers using data extensions 2025-01-07 19:26:18 -05:00
Chad Bentz
3e94a4c2bf Refactor trusted actions owner model 
- use existing data extensions config and yml folder
- rename from trustedActionsOwner to trustedActionsOwnerDataModel
- update related predicates
 2025-01-07 17:22:24 -05:00
github-actions[bot]
fb20f6ca63 Post-release preparation for codeql-cli-2.20.1 2025-01-07 22:07:40 +00:00
Chad Bentz
e4cfd97069 Format 2025-01-07 17:01:33 -05:00
github-actions[bot]
88b6f1e79a Release preparation for version 2.20.1 2025-01-07 20:50:36 +00:00
Chad Bentz
22e7b9a825 Convert trusted actions list to data extension 2025-01-07 15:35:12 -05:00
Dave Bartolomeo
72a53c4b23 Revert "Release preparation for version 2.20.1" 2025-01-07 13:32:23 -05:00
github-actions[bot]
fbf9f2fff8 Release preparation for version 2.20.1 2025-01-07 17:20:13 +00:00
Dave Bartolomeo
22e030584c Revert "Release preparation for version 2.20.1" 2025-01-07 12:14:27 -05:00
github-actions[bot]
a121c5a5d0 Release preparation for version 2.20.1 2025-01-06 18:20:22 +00:00
Dave Bartolomeo
90efbf5172 Update suites for Actions queries 2024-12-20 14:37:46 -05:00
Dave Bartolomeo
e9a04b8839 Mark UnversionedImmutableAction query as internal 2024-12-20 14:37:32 -05:00
Kylie Stradley
690924f72b Update actions/ql/src/Security/CWE-829/UnversionedImmutableAction.md 
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
 2024-12-20 12:04:42 -05:00
Kylie Stradley
dc705ad623 indicate immutable actions are only available for internal use at this time 2024-12-20 11:19:15 -05:00
Kylie Stradley
2dd3adac51 clarify immutable actions help text 2024-12-20 09:51:51 -05:00
Dave Bartolomeo
e4bce701a0 Add change notes 2024-12-19 10:53:23 -05:00
Dave Bartolomeo
7891134a87 Fix formatting 2024-12-18 15:43:53 -05:00
Dave Bartolomeo
47e364a13b Remove placeholder code 2024-12-18 14:51:24 -05:00
Dave Bartolomeo
c7efe5d0f5 Update lock files 2024-12-18 14:42:13 -05:00
Dave Bartolomeo
dbc1fa6450 Merge Actions queries from github/codeql-actions 2024-12-18 14:39:43 -05:00
Dave Bartolomeo
ee7680df84 Move into actions subdirectory to prepare for migration to github/codeql 2024-12-18 14:35:15 -05:00
Dave Bartolomeo
4a567344f5 Fix style alerts 2024-10-25 17:59:49 -04:00
Dave Bartolomeo
dffc9e2e31 Create placeholder Actions QL packs 2024-10-25 17:45:05 -04:00