hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-28 06:36:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
530 Commits 1,673 Branches 157 Tags
80d2bbdc9be6269fe9fd37164cb79aeeaa974217
Commit Graph

382 Commits

Author SHA1 Message Date
Alvaro Muñoz
ab8dd599b7 fix(queries): Fix Missing Permissions query 
If a job is only triggered by `workflow_call`, we dont report any issues
since they should be reported on the calling workflows
 2024-07-31 11:45:30 +02:00
Alvaro Muñoz
8ffac2935e Bump qlpack versions 2024-07-30 18:22:20 +02:00
Alvaro Muñoz
65ad387543 fix: Add printf as an equivalent to echo 2024-07-30 18:18:22 +02:00
Alvaro Muñoz
bf10603b5f Bump qlpack versions 2024-07-30 10:28:15 +02:00
Alvaro Muñoz
f5261237a4 feat(suites): Add a bughalla-specific query suite 2024-07-30 10:27:28 +02:00
Alvaro Muñoz
da36924bb1 feat(queries): Add Output Clobbering query 2024-07-30 10:26:41 +02:00
Alvaro Muñoz
06ec94e731 Bump qlpack versions 2024-07-29 22:38:42 +02:00
Alvaro Muñoz
e3df12d77b Update Query suite 2024-07-29 22:37:47 +02:00
Alvaro Muñoz
eaf034e8cb feat(config): Add pipx as poisonable step 2024-07-25 11:09:02 +02:00
Alvaro Muñoz
28cc06e136 Bump qlpack versions 2024-07-24 18:28:09 +02:00
Alvaro Muñoz
ba6ab04dfc feat(suite): Remove severity:warning queries from CodeScanning suite 2024-07-24 18:27:39 +02:00
Alvaro Muñoz
bb78bb6f57 refactor(queries): update severity level for workflow permissions 2024-07-24 18:27:00 +02:00
Alvaro Muñoz
da28f7dc0a feat(config): add asv to poisonable steps list 2024-07-24 15:56:47 +02:00
Alvaro Muñoz
12e78ac4fe fix(regex): update pattern to match both gh and hub commands 2024-07-23 23:37:04 +02:00
Alvaro Muñoz
2dffb865d0 Bump qlpack versions 2024-07-22 12:45:34 +02:00
Alvaro Muñoz
15649afd5c feat(queries): Improve envvar injection queries 
Consider those cases where the contents of a file are written to a var
and that var assigned to GITHUB_ENV
 2024-07-22 12:44:27 +02:00
Alvaro Muñoz
270ca2ad7d feat(queries): Experimental Output clobbering query 2024-07-15 21:00:54 +02:00
Alvaro Muñoz
fc39249f92 feat(queries): Consider untrusted checkout as a source for code injections 2024-07-15 21:00:28 +02:00
Alvaro Muñoz
76ded33280 Bump qlpack versions 2024-07-13 23:29:36 +02:00
Alvaro Muñoz
cc64c95dbc feat(dataflow): Update edges predicate to only link to next step 
Previously each step was linking to all possible following steps. This change makes a better flow path explanation flowing from the checkout to the poisonable step, step by step
 2024-07-13 23:28:47 +02:00
Alvaro Muñoz
c1d8ca0976 Bump qlpack versions 2024-07-13 00:01:49 +02:00
Alvaro Muñoz
44911382af feat(tests): Update tests results 2024-07-12 23:49:05 +02:00
Alvaro Muñoz
9917c46f6f feat(core): Add StepsContainer class 
A StepsContainer is an abstract class that includes all nodes with steps: Runs and LocalJobs
 2024-07-12 23:48:52 +02:00
Alvaro Muñoz
69d173f13c fix(refactor): Remove unnecessary variables 2024-07-12 23:47:52 +02:00
Alvaro Muñoz
7f77e89bbf feat(tests): Add test for checkout in composite action 2024-07-12 23:31:12 +02:00
Alvaro Muñoz
417d5a403e Bump qlpack versions 2024-07-12 12:46:03 +02:00
Alvaro Muñoz
a1787596d2 feat(tests): Update tests 2024-07-12 12:45:19 +02:00
Alvaro Muñoz
e0a075da57 feat(dataflow): Flow through bash assigments on artifact to GH env/output 2024-07-12 12:45:06 +02:00
Alvaro Muñoz
5785a21d56 feat(queries): Env-var injection 
Enable Uses sinks for envvar injection
 2024-07-12 12:44:25 +02:00
Alvaro Muñoz
f623f73f16 feat(models): Add dotenv models 
Envvar-injection sinks
 2024-07-12 12:43:25 +02:00
Alvaro Muñoz
8289bf97b9 feat(models): Add support for artifact to step output 2024-07-12 11:10:01 +02:00
Alvaro Muñoz
29d2b287c9 tests: Organize tests 2024-07-12 10:14:39 +02:00
Alvaro Muñoz
c5d31ce08c fix(refactor): Add comments and rename predicates 2024-07-12 10:13:49 +02:00
Alvaro Muñoz
3f8a791b2e fix(queries): Improve Argument Injection query 
Add GITHUB_HEAD_REF as a source
 2024-07-11 22:59:20 +02:00
Alvaro Muñoz
89024ad604 fix(models): Reuse command delimiter regexps 2024-07-11 22:58:20 +02:00
Alvaro Muñoz
7a54170b31 feat(ext): Move regexp delimiters to Config.qll 2024-07-11 12:59:34 +02:00
Alvaro Muñoz
f4581d0aa5 Bump qlpack versions 2024-07-11 11:36:18 +02:00
Alvaro Muñoz
eb66114d8b feat(models): New ArgInj sink 2024-07-11 11:35:44 +02:00
Alvaro Muñoz
56af52a729 feat(tests): New tests for Command Injection 
Injections on a workflow_run triggered protected by a allow branches list should not be reported as critical
 2024-07-11 10:46:37 +02:00
Alvaro Muñoz
adbb236465 fix(query): Better identification of argument injection commands 2024-07-11 10:45:49 +02:00
Alvaro Muñoz
8d75250da7 Bump qlpack versions 2024-07-11 10:05:29 +02:00
Alvaro Muñoz
732f0dc29f feat(queries): Argument Injection 
Make argument injection sinks congigurable with MaD
 2024-07-11 10:04:43 +02:00
Alvaro Muñoz
73c77bc93b Initial implementation 
Pending work: complete the regular expression
 2024-07-11 10:04:43 +02:00
Alvaro Muñoz
621ead2266 Fix branches logic 2024-07-10 13:09:23 +02:00
Alvaro Muñoz
090b3d41d1 Fix branches logic 2024-07-10 13:08:54 +02:00
Alvaro Muñoz
53b88627e5 feat(core): Exclude worflow_run#branches#default branch from externally triggerable events 2024-07-10 12:15:49 +02:00
Alvaro Muñoz
f1d1c1e55a Bump QL versions 2024-07-10 11:49:37 +02:00
Alvaro Muñoz
f4dd771d1c feat(models): Add models for ssh-action 2024-07-10 11:49:18 +02:00
Alvaro Muñoz
e23054292b feat(tests): Add new tests 
Add new tests to verify that even if a job is privileged, if the vulnerability takes place in a different one, it should be considered as non-priveleged and reported as Cache Poisoning instead of Untrusted Checkout
 2024-07-10 11:49:02 +02:00
Alvaro Muñoz
8231261ccf New poisonable steps 2024-07-09 17:28:04 +02:00