hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
442 Commits 1,741 Branches 166 Tags
76b115deb09da540e370ebdbf557d19a84dc41fb
Commit Graph

297 Commits

Author SHA1 Message Date
Alvaro Muñoz
76b115deb0 Dedup Cache poisoning and Untrusted checkout 2024-06-26 19:44:44 +02:00
Alvaro Muñoz
878317ab6b Bump qlpack versions 2024-06-26 19:18:10 +02:00
Alvaro Muñoz
5cd292e23e Make Untrusted Checkout and CachePoisoning rules path-problems 2024-06-26 19:17:37 +02:00
Alvaro Muñoz
e6311966c8 Take explicit permission into account for privilege calculation 2024-06-26 16:17:07 +02:00
Alvaro Muñoz
1fd7c148a5 Bump qlpack versions 2024-06-25 13:58:25 +02:00
Alvaro Muñoz
61797e9180 Add pull_request-comment-branch head_ref as a source 2024-06-25 13:27:08 +02:00
Alvaro Muñoz
fc8173239e Move configuration to MaD files 2024-06-25 09:47:43 +02:00
Alvaro Muñoz
24d69f2ee8 Bump qlpack versions 2024-06-24 12:45:35 +02:00
Alvaro Muñoz
b5dfda27fd Add cargo as poisonable step 2024-06-24 12:45:24 +02:00
Alvaro Muñoz
6df70d1a45 Do not consider priv events if runtime data is available 2024-06-23 21:34:30 +02:00
Alvaro Muñoz
4619128c11 Move from githubsecuritylab packages to github 2024-06-20 09:50:36 +02:00
Alvaro Muñoz
c764b39c18 Bump qlpack versions 2024-06-17 17:11:10 +02:00
Alvaro Muñoz
1fdf76ac41 Improve download artifact and untrusted checkout queries 2024-06-17 15:17:46 +02:00
Alvaro Muñoz
4b4901f99f Bump qlpack versions 2024-06-13 11:51:46 +02:00
Alvaro Muñoz
a84c1c4706 Minor improvemnts 2024-06-13 11:51:15 +02:00
Alvaro Muñoz
fbaf329428 Remove dependencies with javascript-all 2024-06-13 11:50:28 +02:00
Alvaro Muñoz
f068504c4f Bump qlpack versions 2024-06-12 10:07:36 +02:00
Alvaro Muñoz
df3d6131a8 Update lock files 2024-06-12 08:50:49 +02:00
Alvaro Muñoz
ad1f35c86a Move from yaml to js extractor 2024-06-11 21:24:22 +02:00
Alvaro Muñoz
92cd50393b Bump qlpack versions 2024-06-07 10:06:46 +02:00
Alvaro Muñoz
3f0f75a7c5 Make CachePoisoning queries high severity 2024-06-07 10:05:39 +02:00
Alvaro Muñoz
c45d4d37aa Bump qlpack versions 2024-06-06 17:34:42 +02:00
Alvaro Muñoz
49a2fd82b1 Bump qlpack versions 2024-06-06 17:32:11 +02:00
Alvaro Muñoz
d13a937a5d Update Cache Poisoning 2024-06-06 17:30:43 +02:00
Alvaro Muñoz
ba4dd2b0ed Update to latest dataflow shared library 2024-06-06 17:23:40 +02:00
Alvaro Muñoz
2c96127425 Improve event context sources + test 2024-06-05 16:34:52 +02:00
Alvaro Muñoz
284c52f972 Bump qlpack versions 2024-06-05 10:54:37 +02:00
Alvaro Muñoz
28af21c556 Update ql suites 2024-06-05 08:57:43 +02:00
Alvaro Muñoz
fa05b684d7 Dont consider pull_request with write permissions as priv 2024-06-03 22:17:42 +02:00
Alvaro Muñoz
65b51996a6 new tests 2024-06-03 18:59:51 +02:00
Alvaro Muñoz
88465bd0e3 Improve privleged detection 2024-06-03 11:26:51 +02:00
Alvaro Muñoz
844b6e014b Bump qlpack versions 2024-05-31 19:04:32 +02:00
Alvaro Muñoz
842b741611 Bump qlpack versions 2024-05-31 16:02:51 +02:00
Alvaro Muñoz
3e9c19044e Improve bash and source regexpps 2024-05-31 16:01:27 +02:00
Alvaro Muñoz
c6e3bafe00 Bump qlpack versions 2024-05-24 09:35:06 +02:00
Alvaro Muñoz
1fc45eb296 Improve ControlCheck for untrusted checkouts 2024-05-24 09:33:35 +02:00
Alvaro Muñoz
16a7522807 Improve Untrusted checkout queries 2024-05-22 23:24:17 +02:00
Alvaro Muñoz
33ae3b1625 minor updates 2024-05-22 18:53:39 +02:00
Alvaro Muñoz
367531a659 Bump qlpack versions 2024-05-22 11:08:22 +02:00
Alvaro Muñoz
4d28d6aa7c Improve toctou queries 2024-05-22 11:07:52 +02:00
Alvaro Muñoz
e86fa9744a Bump qlpack versions 2024-05-21 23:05:30 +02:00
Alvaro Muñoz
5d32071adc resolve conflicts 2024-05-21 23:02:34 +02:00
Alvaro Muñoz
313acfcac2 Add externally triggereable data model and predicates 2024-05-21 23:00:40 +02:00
Alvaro Muñoz
d3bff87f9a Add github to json contexts 2024-05-17 23:10:29 +02:00
Alvaro Muñoz
5f8bab0608 Bump qlpack versions 2024-05-17 22:36:26 +02:00
Alvaro Muñoz
66138df61d Merge pull request #37 from github/toctou_refinements 
Reduce FP for actor/association checks that cannot be bypassed this way
 2024-05-17 11:25:39 +02:00
Alvaro Muñoz
0456dcdc8f Merge pull request #38 from github/expr_trigger_mapping 
Ensure event sources are available for triggering events
 2024-05-17 11:25:14 +02:00
Alvaro Muñoz
47a66e1075 Add TODO 2024-05-16 21:43:00 +02:00
Alvaro Muñoz
dfeefe0caa Consider actor and association checks as bypassable checks ONLY for issueOps 2024-05-16 16:17:26 +02:00
Alvaro Muñoz
84d4c573f9 Merge branch 'toctou_refinements' of https://github.com/github/codeql-actions into toctou_refinements 2024-05-16 16:14:48 +02:00