codeql

mirror of https://github.com/github/codeql.git synced 2025-12-28 14:46:33 +01:00

Author	SHA1	Message	Date
Alvaro Muñoz	cf4ab41df2	feat(action): rename qlpacks to use githubsecuritylab prefix	2024-02-16 12:32:48 +01:00
Alvaro Muñoz	0105d63a44	Add Action to scan repos	2024-02-16 12:25:23 +01:00
Alvaro Muñoz	f5c6905a50	Merge pull request #13 from GitHubSecurityLab/github_ctx Improve regexs	2024-02-15 12:03:33 +01:00
Alvaro Muñoz	499c3e7ac3	Improve regexs	2024-02-15 12:03:06 +01:00
Alvaro Muñoz	65b226d36e	Merge pull request #12 from GitHubSecurityLab/ctx_expressions feat(bash-step): Improve bash step accuracy	2024-02-15 11:52:18 +01:00
Alvaro Muñoz	1cd32195a7	feat(bash-step): Improve bash step accuracy Only pass the taint when the env var is directlty set as the step output	2024-02-15 11:51:28 +01:00
Alvaro Muñoz	0f73080a7b	Merge pull request #11 from GitHubSecurityLab/fix_composite_actions feat(composite-actions): Fix summary and source queries for composite actions analysis	2024-02-14 18:11:12 +01:00
Alvaro Muñoz	3c12e43d3f	feat(composite-actions): Fix summary and source queries for composite actions analysis	2024-02-14 18:09:12 +01:00
Alvaro Muñoz	700882730c	Merge pull request #10 from GitHubSecurityLab/job_outputs feat(field-flow): Refactor flow through job outputs	2024-02-14 17:14:09 +01:00
Alvaro Muñoz	f65587e5cf	feat(fieldflow): Refactor flow through Job outputs Job output should flow to the “key” (YamlString) and be read from there from the JobOutputAccessExpr. - NeedsCtxAccessExpr.getRefExpr should point to the UsesExpr(RW calling Job) or to the OutputsStmt(Regular Job). - JobsCtxAccessExpr.getRefExpr should point to the OutputsStmt(Regular Job). - Create storeStep from OutputExpr to OutputStmt using output var name as the field name. - Create a readStep for CtxAccessExpr to read the referenced fields from the job outputs.	2024-02-14 17:08:13 +01:00
Alvaro Muñoz	90d1ae4a05	fix: simplify Ast	2024-02-14 14:06:28 +01:00
Alvaro Muñoz	494fb2470e	fix: refactor local, read and store steps	2024-02-14 14:05:13 +01:00
Alvaro Muñoz	ebaac5f5cb	fix: enforce input,output,env prefixes in MaD	2024-02-14 14:03:11 +01:00
Alvaro Muñoz	7139d3b6d2	Merge pull request #8 from GitHubSecurityLab/changed-files-sources Add some changed-files sources	2024-02-14 10:56:20 +01:00
Alvaro Muñoz	2b3b3732b9	resolve conflicts	2024-02-14 10:55:31 +01:00
Alvaro Muñoz	6b83afebaa	Merge pull request #9 from GitHubSecurityLab/content_set feat(field-flow): enhance dataflow tracking	2024-02-14 10:49:11 +01:00
Alvaro Muñoz	e6b4676f90	feat(field-flow): enhance dataflow tracking implement field flow to reduce false positives	2024-02-14 10:47:00 +01:00
jorgectf	29b3d6c9ef	Prefix sources with `output.`	2024-02-13 15:00:53 +01:00
jorgectf	6627a858e3	Suffix with `.model`	2024-02-13 13:24:25 +01:00
jorgectf	fa91837f63	Trim yaml	2024-02-13 13:22:18 +01:00
jorgectf	68901e252c	Add some changed-files sources	2024-02-13 13:18:52 +01:00
Alvaro Muñoz	32b1d77b4a	Merge pull request #7 from GitHubSecurityLab/input_output_nodes Better handling of input and output expressions	2024-02-13 11:52:10 +01:00
Alvaro Muñoz	271c512f4d	better identification of Composite Actions input and output nodes	2024-02-13 11:40:22 +01:00
Alvaro Muñoz	cc3f2eed68	add characteristic predicates to InputExpr and OutputExpr	2024-02-13 11:24:16 +01:00
Alvaro Muñoz	3c5358c381	Merge pull request #6 from GitHubSecurityLab/composite_actions feat: support for composite action's analysis	2024-02-12 22:57:31 +01:00
Alvaro Muñoz	e9707af38d	feat: support for composite action's analysis	2024-02-12 22:55:58 +01:00
Alvaro Muñoz	9030cb3df4	Merge pull request #5 from GitHubSecurityLab/env_context Implement support for env context	2024-02-12 15:48:37 +01:00
Alvaro Muñoz	99358c62e2	Extend CFG to reach env expressions	2024-02-12 15:47:27 +01:00
Alvaro Muñoz	70d1741177	Merge pull request #4 from GitHubSecurityLab/improve_mad Refactor MaD semantics	2024-02-12 15:46:50 +01:00
Alvaro Muñoz	4b57cee300	Initial implementaion of env context support	2024-02-12 15:14:47 +01:00
Alvaro Muñoz	4f0b66ea03	Refactor MaD semantics	2024-02-12 13:47:44 +01:00
Alvaro Muñoz	f2fc411d6b	Merge pull request #3 from GitHubSecurityLab/extensible_predicates Add support for external definitions	2024-02-09 22:59:23 +01:00
Alvaro Muñoz	2eaca7e826	Add support for external definitions	2024-02-09 22:55:10 +01:00
Alvaro Muñoz	e9c1114f98	Merge pull request #2 from GitHubSecurityLab/refactor_cfgscope Refactor CfgScopes and Ast predicate names	2024-02-09 13:48:29 +01:00
Alvaro Muñoz	b54316fc9a	Refactor CfgScopes and Ast predicate names	2024-02-09 13:35:47 +01:00
Alvaro Muñoz	9c6fd20e5e	Move reusable tests to src pack	2024-02-09 12:29:48 +01:00
Alvaro Muñoz	96e41bb043	Merge pull request #1 from GitHubSecurityLab/reusable_workflows Add support for Reusable workflows	2024-02-09 12:28:17 +01:00
Alvaro Muñoz	3152ed71ba	dataflow through reusable workflows	2024-02-09 11:57:47 +01:00
Alvaro Muñoz	9659098ab6	Support for Reusable workflows	2024-02-08 15:40:06 +01:00
Alvaro Muñoz	db413361f7	Add Reusable Workflow test	2024-02-08 15:11:39 +01:00
Alvaro Muñoz	5006ffe203	Use the LibYaml default AST hierarchy	2024-02-08 12:01:41 +01:00
Alvaro Muñoz	83ca36bc76	Support RunExpr's env vars	2024-02-08 11:56:55 +01:00
Alvaro Muñoz	1708e0f19d	Move tests files to .github/workflows	2024-02-08 11:55:21 +01:00
Alvaro Muñoz	da2ac2af03	Process only .github/workflows yaml files	2024-02-08 11:52:14 +01:00
Alvaro Muñoz	0398fbd0d7	Refactor AST layer	2024-02-05 18:04:37 +01:00
Alvaro Muñoz	b3eae71f95	fix test	2024-02-05 13:30:46 +01:00
Alvaro Muñoz	3902a55fbb	Update build test db script	2024-02-05 10:52:17 +01:00
Alvaro Muñoz	b57e6b41a3	Add testproj to gitignore	2024-02-05 10:48:53 +01:00
Alvaro Muñoz	093b1a2211	Remove test dbs	2024-02-05 10:45:52 +01:00
Alvaro Muñoz	355ccf42ee	Do not compress local flow steps Use `neverSkipPathGrap` to `any()` so no local flow steps get pruned and thrown away in order to compress the presented dataflow path.	2024-02-05 10:44:37 +01:00

1 2

52 Commits