hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-04 18:20:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
777 Commits 1,673 Branches 157 Tags
ebd45ace50d3daef7b0457dfdfe868b2d5d64d60
Commit Graph

92 Commits

Author SHA1 Message Date
Alvaro Muñoz
ebd45ace50 feat: add source model for peter-murra/issue-forms-body-parser 2024-10-31 10:59:05 +01:00
Alvaro Muñoz
792e8555af fix: remove context 2 events mappings 
client_paylaod (dispatch), commits (push), head_commit (push) and
merge_group are not under external attacker control so remove them
 2024-10-28 11:56:59 +01:00
Alvaro Muñoz
b6a26e76d4 New azure models 2024-10-23 22:03:11 +02:00
Alvaro Muñoz
fef37b6025 Remove pull_request from context event map so that accesss to github.event.pull_request are not considered a source for pull_request triggers 2024-10-23 12:15:26 +02:00
Alvaro Muñoz
a057b9dd44 Add poisonable step for azure/powershell 2024-10-23 09:39:34 +02:00
Alvaro Muñoz
02c5f74f20 New gh CLI sources 2024-10-22 14:57:59 +02:00
Alvaro Muñoz
da10ee74d3 Add workflow_dispatch and scheduled to the list of privileged and external (user interaction) events 2024-10-22 11:18:42 +02:00
Alvaro Muñoz
229d42b515 Add sonar-scanner-action as a poisonable step 2024-10-21 11:05:06 +02:00
Alvaro Muñoz
b49cd3b916 Better handling of EnvVar Injection and Argument Injection 2024-10-16 08:48:32 +02:00
Alvaro Muñoz
1e749ae6d5 Add new poisonable step 2024-10-11 12:20:39 +02:00
Alvaro Muñoz
d558ff80c3 New Command sources for git and GITHUB_EVENT_PATH 2024-10-11 12:20:03 +02:00
Alvaro Muñoz
8052696836 Add new Poisonable step for bun 2024-10-02 12:34:10 +02:00
Alvaro Muñoz
c58246363e Add new Argument Injection sinks 2024-10-02 12:34:01 +02:00
Alvaro Muñoz
4b74adec4b Account for branches filter as a way to prevent workflow_run to trigger on PRs from forks 2024-10-02 12:31:59 +02:00
Alvaro Muñoz
010ad359d7 Add new sources and summary steps 2024-09-27 10:28:44 +02:00
Alvaro Muñoz
16f1a53584 Add new sources for github.event.changes 2024-09-25 18:21:54 +02:00
Alvaro Muñoz
4f075f3f36 feat: Improve sanitizer checks 2024-09-19 13:38:08 +02:00
Alvaro Muñoz
b199fdc3e2 Add new models for file listing actions 2024-09-11 10:25:10 +02:00
Alvaro Muñoz
0990774302 feat(poisonable_steps): Add python -m pip install 2024-08-05 18:53:53 +02:00
Alvaro Muñoz
6cfec0d245 feat(queries): Improve Use Of Vulnerable Actions query 
Move all info to a MaD config file so its easier to mantain
Add other vulnerable actions
 2024-08-01 11:37:00 +02:00
Alvaro Muñoz
eaf034e8cb feat(config): Add pipx as poisonable step 2024-07-25 11:09:02 +02:00
Alvaro Muñoz
da28f7dc0a feat(config): add asv to poisonable steps list 2024-07-24 15:56:47 +02:00
Alvaro Muñoz
f623f73f16 feat(models): Add dotenv models 
Envvar-injection sinks
 2024-07-12 12:43:25 +02:00
Alvaro Muñoz
8289bf97b9 feat(models): Add support for artifact to step output 2024-07-12 11:10:01 +02:00
Alvaro Muñoz
29d2b287c9 tests: Organize tests 2024-07-12 10:14:39 +02:00
Alvaro Muñoz
89024ad604 fix(models): Reuse command delimiter regexps 2024-07-11 22:58:20 +02:00
Alvaro Muñoz
eb66114d8b feat(models): New ArgInj sink 2024-07-11 11:35:44 +02:00
Alvaro Muñoz
adbb236465 fix(query): Better identification of argument injection commands 2024-07-11 10:45:49 +02:00
Alvaro Muñoz
732f0dc29f feat(queries): Argument Injection 
Make argument injection sinks congigurable with MaD
 2024-07-11 10:04:43 +02:00
Alvaro Muñoz
73c77bc93b Initial implementation 
Pending work: complete the regular expression
 2024-07-11 10:04:43 +02:00
Alvaro Muñoz
f4dd771d1c feat(models): Add models for ssh-action 2024-07-10 11:49:18 +02:00
Alvaro Muñoz
8231261ccf New poisonable steps 2024-07-09 17:28:04 +02:00
Alvaro Muñoz
ee265c4879 fix(models): Slash-command-action 
Do not consider slash-command-action command-arguments as a remote flow source if it requires write or admin permissions
 2024-07-08 22:38:53 +02:00
Alvaro Muñoz
a2af3c654b Account for all npm and pnpm subcommands 
Exclude args such as `npm -v`
 2024-07-08 20:46:29 +02:00
Alvaro Muñoz
1657af60df Model get-workflow-origin action 2024-07-08 12:59:36 +02:00
Alvaro Muñoz
e5064f8090 Improve poisonable steps 2024-07-05 18:16:50 +02:00
Alvaro Muñoz
45d51a4d00 Add more poisonable steps 2024-07-02 23:29:53 +02:00
Alvaro Muñoz
a485528ebe Refactor bash script parsing to improve coverage of env var injection 2024-06-28 12:31:43 +02:00
Alvaro Muñoz
c57e4929cb New code injection sink 2024-06-27 17:32:21 +02:00
Alvaro Muñoz
31fe5952dc New poisonable steps 2024-06-27 17:32:03 +02:00
Alvaro Muñoz
04c4cedb41 New code injection sink 2024-06-27 17:26:04 +02:00
Alvaro Muñoz
682236e432 New poisonable steps 2024-06-27 17:25:55 +02:00
Alvaro Muñoz
d998373162 Move event sources to config files 2024-06-27 17:08:40 +02:00
Alvaro Muñoz
61797e9180 Add pull_request-comment-branch head_ref as a source 2024-06-25 13:27:08 +02:00
Alvaro Muñoz
fc8173239e Move configuration to MaD files 2024-06-25 09:47:43 +02:00
Alvaro Muñoz
4619128c11 Move from githubsecuritylab packages to github 2024-06-20 09:50:36 +02:00
Alvaro Muñoz
ad1f35c86a Move from yaml to js extractor 2024-06-11 21:24:22 +02:00
Alvaro Muñoz
313acfcac2 Add externally triggereable data model and predicates 2024-05-21 23:00:40 +02:00
Alvaro Muñoz
f325d40a22 Ensure event sources are available for triggering events 2024-05-16 15:55:12 +02:00
Jaroslav Lobačevski
1a4939a13b Apply suggestions from code review 
Co-authored-by: Alvaro Muñoz <pwntester@github.com>
 2024-05-15 16:19:58 +02:00