hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-10 13:10:26 +01:00
Code Issues Packages Projects Releases Wiki Activity
142 Commits 1,679 Branches 158 Tags
8e5eeb2ea35e8b3c2601192f080f6e112496ae24
Commit Graph

142 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
8e5eeb2ea3 Merge branch 'untrusted_co' 2024-03-14 16:15:53 +01:00
Alvaro Muñoz
5130135df0 fix(stepsExpression): allow steps from a composite action to communicate 2024-03-14 16:14:55 +01:00
Alvaro Muñoz
a3ccc2eba3 Merge pull request #30 from GitHubSecurityLab/untrusted_co 
Improve UntrustedCheckout query
 2024-03-14 14:52:39 +01:00
Alvaro Muñoz
778d8978b0 DF support for untrusted checkout query 2024-03-14 13:55:10 +01:00
Alvaro Muñoz
22d0600da8 Support more PR head checkouts 2024-03-14 13:28:39 +01:00
Alvaro Muñoz
d12b24886f Merge branch 'untrusted_co' of https://github.com/GitHubSecurityLab/codeql-actions into untrusted_co 2024-03-14 12:58:56 +01:00
Alvaro Muñoz
35df9519e1 Support more untrusted checkout cases 2024-03-14 12:58:47 +01:00
Alvaro Muñoz
9ca1ac5bb9 Fix expression regexp 2024-03-14 12:58:02 +01:00
Alvaro Muñoz
3150f24d3f Update tests and fix regexp 2024-03-14 12:21:16 +01:00
Alvaro Muñoz
7160f08222 Update ql/test/query-tests/Security/CWE-829/.github/workflows/auto_ci.yml 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 12:03:40 +01:00
Alvaro Muñoz
03277cc24b Add test for self-referencing jobs 2024-03-14 11:58:44 +01:00
Alvaro Muñoz
8e2c1a4f4e Expose predicates to check local flow 2024-03-14 11:58:07 +01:00
Alvaro Muñoz
3e2dffce8b Rename ContextExpression to SimpleReferenceExpression 2024-03-14 11:57:43 +01:00
Alvaro Muñoz
e726f9fff1 Apply suggestions from code review 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 09:24:32 +01:00
Alvaro Muñoz
aa37339deb Apply suggestions from code review 2024-03-14 09:22:40 +01:00
Alvaro Muñoz
fe1bf58ae5 Apply suggestions from code review 
Co-authored-by: Jaroslav Lobačevski <jarlob@github.com>
 2024-03-14 09:22:05 +01:00
Alvaro Muñoz
872b1f88f0 More regexp improvements 2024-03-13 22:47:19 +01:00
Alvaro Muñoz
0e50204672 More regexp improvements 2024-03-13 22:19:55 +01:00
Alvaro Muñoz
87b284e5e6 update 2024-03-13 19:14:57 +01:00
Alvaro Muñoz
839d16cde5 Treat If's values as expression no matter the delimiters 2024-03-13 18:41:17 +01:00
Alvaro Muñoz
1bf2431c99 Improve UntrustedCheckout query 
Account for more events, more triggers and heuristics to detect git checkouts
 2024-03-13 15:41:57 +01:00
Alvaro Muñoz
aa62603899 Merge pull request #29 from GitHubSecurityLab/clean 
fix: clean debug lefovers
 2024-03-13 13:50:11 +01:00
Alvaro Muñoz
0b71d02407 fix: clean debug lefovers 2024-03-13 13:49:50 +01:00
Alvaro Muñoz
37331c3d43 Merge pull request #28 from GitHubSecurityLab/new_ast_refactor 
Refactor ast nodes
 2024-03-12 10:17:34 +01:00
Alvaro Muñoz
9b97dbd870 Refactor ast nodes 2024-03-12 10:16:43 +01:00
Alvaro Muñoz
86075c95bd Improve ExpressionNode Location handling 2024-03-07 22:28:54 +01:00
Alvaro Muñoz
4f7cce9c11 Merge pull request #27 from GitHubSecurityLab/refactor_astnode 
Add Expression nodes and locations
 2024-03-07 15:36:54 +01:00
Alvaro Muñoz
96246f4b74 Add Expression nodes and their corresponding locations 2024-03-07 15:35:47 +01:00
Alvaro Muñoz
e5527d7a18 Refactor ast nodes 2024-03-05 19:59:43 +01:00
Alvaro Muñoz
b3cecfc7e8 Merge pull request #26 from GitHubSecurityLab/refactor_ast 
Refactor AST layer
 2024-03-04 17:39:56 +01:00
Alvaro Muñoz
c8e89797eb remove test db 2024-03-04 15:43:38 +01:00
Alvaro Muñoz
6875640c64 Refactor getXXXExpr methods 2024-03-04 10:33:26 +01:00
Alvaro Muñoz
1c2f19f4e1 Merge Actions.qll and Ast.qll 2024-03-01 16:06:06 +01:00
Alvaro Muñoz
bcf3081259 Refactor Input/Outpts 2024-03-01 11:17:23 +01:00
Alvaro Muñoz
0eabdd9507 Rename classes 2024-03-01 09:44:33 +01:00
Alvaro Muñoz
e979f51956 Merge pull request #25 from GitHubSecurityLab/add_tests 
test: Add tests
 2024-02-29 13:47:57 +01:00
Alvaro Muñoz
6b11506abb test: Add tests 2024-02-29 13:23:59 +01:00
Alvaro Muñoz
cbe43bf72b Merge pull request #24 from GitHubSecurityLab/matrix_ctx 
matrix ctx
 2024-02-29 12:08:20 +01:00
Alvaro Muñoz
5b40d98849 Update test db build script 2024-02-28 14:36:21 +01:00
Alvaro Muñoz
8a9ec88b36 feat(matrix): Add support for flow through matrix vars 2024-02-28 13:21:29 +01:00
Alvaro Muñoz
447b65e7a9 Add script to build full DBs (testproj ones remove source code origin) 2024-02-28 12:37:41 +01:00
Alvaro Muñoz
8e7e5d03a5 fix(test): Add expected files 2024-02-28 11:15:38 +01:00
Mathew Payne
409d35ba1f Merge pull request #23 from GitHubSecurityLab/IAC_queries 
feat(queries): Migrate queries from AdvancedSecurity repo
 2024-02-27 20:11:12 +00:00
Alvaro Muñoz
fe976faf6a feat(queries): Migrate queries from AdvancedSecurity repo 2024-02-27 15:20:35 +01:00
Alvaro Muñoz
c29f3a7779 Merge pull request #21 from GitHubSecurityLab/refactor_env_access 
refactor env access
 2024-02-26 13:02:33 +01:00
Alvaro Muñoz
98f3a1e7bf fix(env): Improve env access support 2024-02-26 10:43:55 +01:00
Alvaro Muñoz
645177cc80 Account for github.event.label check as a sanitizer for untrusted checkout 2024-02-26 09:39:42 +01:00
Alvaro Muñoz
1458434504 Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-02-23 11:54:41 +01:00
Alvaro Muñoz
f513a19c24 fix: restrict EnvCtxAccessExpr to Env decarlations on the same file 2024-02-23 11:53:47 +01:00
Alvaro Muñoz
f5355e722d Merge pull request #20 from GitHubSecurityLab/untrusted_checkout 2024-02-22 15:52:08 +01:00