hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-08 12:10:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
470 Commits 1,680 Branches 157 Tags
e5064f80902240969b4269fa031f79cebd32bbf4
Commit Graph

470 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alvaro Muñoz
e5064f8090 Improve poisonable steps 2024-07-05 18:16:50 +02:00
Alvaro Muñoz
966a9b1652 Bump qlpack versions 2024-07-04 13:05:27 +02:00
Alvaro Muñoz
7d58beba67 Better control check support 2024-07-04 13:04:59 +02:00
Alvaro Muñoz
69db192378 Bump qlpack versions 2024-07-03 12:40:48 +02:00
Alvaro Muñoz
c70fb6e911 Consider toJson as a sanitizer for Code Injection in JS 2024-07-03 12:25:24 +02:00
Alvaro Muñoz
7e0146d634 Bump qlpack versions 2024-07-02 23:52:01 +02:00
Alvaro Muñoz
4b01cd5be4 Support flow through fromJson 2024-07-02 23:51:19 +02:00
Alvaro Muñoz
45d51a4d00 Add more poisonable steps 2024-07-02 23:29:53 +02:00
Alvaro Muñoz
1281ca8e81 Bump qlpack versions 2024-07-01 23:01:38 +02:00
Alvaro Muñoz
39bff38d70 Bump qlpack versions 2024-06-28 12:32:18 +02:00
Alvaro Muñoz
a485528ebe Refactor bash script parsing to improve coverage of env var injection 2024-06-28 12:31:43 +02:00
Alvaro Muñoz
40a6f3bbee Make EnvVar and Path injection equivalent 2024-06-27 22:53:55 +02:00
Alvaro Muñoz
a9ea9a1f8a Update expected test files 2024-06-27 22:53:32 +02:00
Alvaro Muñoz
effa1e1356 Move ControlChecks to its own file 2024-06-27 22:53:20 +02:00
Alvaro Muñoz
b64f53e03e Bump qlpack versions 2024-06-27 17:33:08 +02:00
Alvaro Muñoz
c57e4929cb New code injection sink 2024-06-27 17:32:21 +02:00
Alvaro Muñoz
31fe5952dc New poisonable steps 2024-06-27 17:32:03 +02:00
Alvaro Muñoz
04c4cedb41 New code injection sink 2024-06-27 17:26:04 +02:00
Alvaro Muñoz
682236e432 New poisonable steps 2024-06-27 17:25:55 +02:00
Alvaro Muñoz
d998373162 Move event sources to config files 2024-06-27 17:08:40 +02:00
Alvaro Muñoz
a99d293309 Bump to dataflow version 1.0.1 2024-06-27 16:33:45 +02:00
Alvaro Muñoz
fdedca394f Merge branch 'master' of https://github.com/github/codeql-actions 2024-06-27 16:10:08 +02:00
Alvaro Muñoz
4516d3df81 Bump qlpack versions 2024-06-27 16:09:49 +02:00
Alvaro Muñoz
c94b84685c Merge pull request #50 from github/fix_typo 
fix typos
 2024-06-27 11:56:03 +02:00
Alvaro Muñoz
eeba26a647 fix typos 2024-06-27 11:55:21 +02:00
Alvaro Muñoz
d11c15dc28 Bump qlpack versionsi 2024-06-27 11:07:55 +02:00
Alvaro Muñoz
5997038923 Exclude self-hosted query from CodeScanning suite 2024-06-27 11:07:02 +02:00
Alvaro Muñoz
4aba07074c Bump qlpack versionsi 2024-06-26 19:45:13 +02:00
Alvaro Muñoz
76b115deb0 Dedup Cache poisoning and Untrusted checkout 2024-06-26 19:44:44 +02:00
Alvaro Muñoz
878317ab6b Bump qlpack versions 2024-06-26 19:18:10 +02:00
Alvaro Muñoz
5cd292e23e Make Untrusted Checkout and CachePoisoning rules path-problems 2024-06-26 19:17:37 +02:00
Alvaro Muñoz
e6311966c8 Take explicit permission into account for privilege calculation 2024-06-26 16:17:07 +02:00
Alvaro Muñoz
1fd7c148a5 Bump qlpack versions 2024-06-25 13:58:25 +02:00
Alvaro Muñoz
61797e9180 Add pull_request-comment-branch head_ref as a source 2024-06-25 13:27:08 +02:00
GitHub Security Lab
795232e040 Merge pull request #47 from github/poisonable_config 
Move configuration to MaD files
 2024-06-25 09:48:06 +02:00
Alvaro Muñoz
fc8173239e Move configuration to MaD files 2024-06-25 09:47:43 +02:00
Alvaro Muñoz
24d69f2ee8 Bump qlpack versions 2024-06-24 12:45:35 +02:00
Alvaro Muñoz
b5dfda27fd Add cargo as poisonable step 2024-06-24 12:45:24 +02:00
Alvaro Muñoz
6df70d1a45 Do not consider priv events if runtime data is available 2024-06-23 21:34:30 +02:00
Alvaro Muñoz
4e94c4294c Merge pull request #46 from github/remove_scan_action 2024-06-21 15:26:21 +02:00
Alvaro Muñoz
06918b0492 Remove custom scan action 2024-06-21 09:19:37 +02:00
Alvaro Muñoz
1e4df62a39 Merge pull request #45 from github/change_packages 
Move from githubsecuritylab packages to github
 2024-06-20 09:51:17 +02:00
Alvaro Muñoz
4619128c11 Move from githubsecuritylab packages to github 2024-06-20 09:50:36 +02:00
Alvaro Muñoz
c764b39c18 Bump qlpack versions 2024-06-17 17:11:10 +02:00
Alvaro Muñoz
1fdf76ac41 Improve download artifact and untrusted checkout queries 2024-06-17 15:17:46 +02:00
Alvaro Muñoz
bdaab69d0b Do not uses globs for source-root 2024-06-13 15:09:37 +02:00
Alvaro Muñoz
6c73e3770f Merge branch 'master' of https://github.com/github/codeql-actions 2024-06-13 11:51:54 +02:00
Alvaro Muñoz
4b4901f99f Bump qlpack versions 2024-06-13 11:51:46 +02:00
Alvaro Muñoz
a84c1c4706 Minor improvemnts 2024-06-13 11:51:15 +02:00
Alvaro Muñoz
ceac1c6392 Do not scan JS files 2024-06-13 11:50:53 +02:00