hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
221 Commits 1,712 Branches 163 Tags
ed70ef03078077d943baebd2e4480db9b6830b17
Commit Graph

141 Commits

Author SHA1 Message Date
Alvaro Muñoz
ed70ef0307 Make Artifact poisoning query a path problem 2024-04-11 15:46:49 +02:00
Alvaro Muñoz
b761565dcf Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-04-11 15:18:19 +02:00
Alvaro Muñoz
1b2e02df64 Add support for multiline assigments 2024-04-11 15:18:09 +02:00
Alvaro Muñoz
4f0ec73307 Merge pull request #46 from GitHubSecurityLab/ca-rw-sinks 
Add models for composite actions and reusable workflows sinks
 2024-04-11 12:02:01 +02:00
jorgectf
6c245605a7 Discard already-modeled sinks 2024-04-11 11:26:45 +02:00
jorgectf
83f9527cc4 Add models for reusable workflows sinks 2024-04-11 11:25:54 +02:00
jorgectf
ae84303fac Add models for composite actions sinks 2024-04-11 11:25:23 +02:00
jorgectf
5a12a2213b Add provenance to existing models 2024-04-11 11:24:42 +02:00
jorgectf
c373238fa6 Add subfolders to dataExtensions 2024-04-11 11:23:53 +02:00
jorgectf
c56f220b13 Add provenance field 2024-04-11 11:23:28 +02:00
jorgectf
a817a22cc7 Remove redundant import 2024-04-11 11:22:36 +02:00
Alvaro Muñoz
8d2b8be133 Add github.event as a source 2024-04-10 22:32:49 +02:00
Alvaro Muñoz
5968da87bb Bump qlpack versions 2024-04-08 18:53:39 +02:00
Alvaro Muñoz
58b21d4684 Improve assignments to GITHUB ENVARS detection 2024-04-08 18:52:13 +02:00
Alvaro Muñoz
ae5b8bc0ac Bump qlpack versions 2024-04-08 17:12:45 +02:00
Alvaro Muñoz
31a1ea9593 Improve envvar injection 2024-04-08 17:12:00 +02:00
Alvaro Muñoz
45a51a9f74 Bump qlpack versions 2024-04-08 12:55:24 +02:00
Alvaro Muñoz
56d2d8ec10 Update test results 2024-04-08 12:54:30 +02:00
Alvaro Muñoz
2651e5a673 Improve Artifact poisoning related queries 2024-04-08 12:52:10 +02:00
Alvaro Muñoz
3209378f45 Remove TODO 2024-04-05 14:25:25 +02:00
Alvaro Muñoz
28ccf4fa68 Improve Artifact Poisoning query 2024-04-05 09:18:01 +02:00
Alvaro Muñoz
ce5928c6ba Bump qlpack versions 2024-04-03 15:43:43 +02:00
Alvaro Muñoz
f7ddd8b769 Include problem queries in actions-all suite 2024-04-03 15:39:50 +02:00
Alvaro Muñoz
2988bc8885 Centralize isPrivileged decisions 2024-04-03 15:39:00 +02:00
Alvaro Muñoz
119c7b8158 Bump qlpack versions 2024-04-03 11:41:42 +02:00
Alvaro Muñoz
9c90db3f83 Merge pull request #41 from GitHubSecurityLab/env_injection 
New Artifact Poisoning and EnvVar Injection queries
 2024-04-03 11:39:56 +02:00
Alvaro Muñoz
a2bbf704ee fix: triggering events for artifact poisoning 2024-04-03 11:39:35 +02:00
Alvaro Muñoz
2a1226c37a Add workflow_dispatch to the triggers for artifact poisoning 2024-04-02 12:54:42 +02:00
Alvaro Muñoz
152d29da38 Add Artifact poisoning and Env Injection queries 2024-04-01 18:53:37 +02:00
Alvaro Muñoz
cc16318a90 Make new trilom source compliant with new sources 2024-04-01 10:56:03 +02:00
Alvaro Muñoz
9807cf87d5 resolve conflicts 2024-04-01 10:52:46 +02:00
Alvaro Muñoz
bdfd46111f Only triggered on non-pull_request events 2024-04-01 10:51:26 +02:00
Alvaro Muñoz
822e9bcaab env var injection query 2024-03-23 21:55:54 +01:00
Alvaro Muñoz
2ed3aceddf feat(sources): Do not take triggers into consideration 2024-03-22 13:32:29 +01:00
Alvaro Muñoz
9d5b026fde Merge branch 'master' of https://github.com/GitHubSecurityLab/codeql-actions 2024-03-21 14:21:30 +01:00
Alvaro Muñoz
06747cd98b Add tests for untrusted checkouts in workflow_run triggered workflows 2024-03-21 14:19:46 +01:00
Alvaro Muñoz
9683ae35bc Add tests 2024-03-18 13:04:57 +01:00
Alvaro Muñoz
8023a527a4 fix(untrusted_co): Do not report Reusable workflows called from pull_request 2024-03-18 13:02:11 +01:00
Alvaro Muñoz
8906bd9635 Bump versions 2024-03-18 11:00:22 +01:00
Jorge
e0bbb66be4 Try to fix actions-all suite 2024-03-15 15:11:21 +01:00
Alvaro Muñoz
d9e589c6e7 Remove unnecessary boundary anchors 2024-03-15 13:58:46 +01:00
Alvaro Muñoz
6cb15f06bc fix(fn): Apply json wrappers to source regexps 2024-03-15 13:54:21 +01:00
Alvaro Muñoz
01d8d79e6d Bump versions 2024-03-15 13:34:12 +01:00
Alvaro Muñoz
169e57e874 Refactor queries 2024-03-15 11:10:41 +01:00
Alvaro Muñoz
92dbceb507 boost pack versions 2024-03-15 10:19:08 +01:00
Alvaro Muñoz
46afa9c1f3 Add new tests 2024-03-14 22:41:01 +01:00
Alvaro Muñoz
f251783c26 Apply suggestions from code review 
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
 2024-03-14 21:52:22 +01:00
Alvaro Muñoz
d21d453d1c Split queries 2024-03-14 21:52:22 +01:00
jorgectf
d26ead7c3b Add security sinks 2024-03-14 21:52:22 +01:00
Jorge
1e64b18212 Add suite that runs all queries 2024-03-14 19:09:22 +01:00