codeql

mirror of https://github.com/github/codeql.git synced 2026-03-20 22:46:47 +01:00

Author	SHA1	Message	Date
jorgectf	83f9527cc4	Add models for reusable workflows sinks	2024-04-11 11:25:54 +02:00
jorgectf	ae84303fac	Add models for composite actions sinks	2024-04-11 11:25:23 +02:00
jorgectf	5a12a2213b	Add provenance to existing models	2024-04-11 11:24:42 +02:00
Alvaro Muñoz	2651e5a673	Improve Artifact poisoning related queries	2024-04-08 12:52:10 +02:00
Alvaro Muñoz	cc16318a90	Make new trilom source compliant with new sources	2024-04-01 10:56:03 +02:00
Alvaro Muñoz	9807cf87d5	resolve conflicts	2024-04-01 10:52:46 +02:00
Alvaro Muñoz	2ed3aceddf	feat(sources): Do not take triggers into consideration	2024-03-22 13:32:29 +01:00
Alvaro Muñoz	169e57e874	Refactor queries	2024-03-15 11:10:41 +01:00
jorgectf	d26ead7c3b	Add security sinks	2024-03-14 21:52:22 +01:00
Alvaro Muñoz	9b97dbd870	Refactor ast nodes	2024-03-12 10:16:43 +01:00
Alvaro Muñoz	96246f4b74	Add Expression nodes and their corresponding locations	2024-03-07 15:35:47 +01:00
Alvaro Muñoz	d0b904a590	Fix QLpack names	2024-02-21 21:57:45 +01:00
Alvaro Muñoz	7a1369d9d0	Merge pull request #19 from GitHubSecurityLab/steps	2024-02-21 18:38:44 +01:00
Jorge	9e2be7d674	Apply suggestions from code review Co-authored-by: Alvaro Muñoz <pwntester@github.com>	2024-02-21 17:27:39 +01:00
Alvaro Muñoz	a28f8e90f0	Update ql/lib/ext/tj-actions_branch-names.model.yml	2024-02-21 16:50:33 +01:00
Jorge	3ca7adab4f	Merge branch 'master' into steps	2024-02-21 15:31:42 +01:00
jorgectf	e1d6c7dac4	Add some steps	2024-02-21 15:29:27 +01:00
Alvaro Muñoz	ea29a09fd7	feat(triggers): New query for critical issues Adds a new query and the required changes to be able to account for the trigger events so that we dont report issues if they are not likely exploitable.	2024-02-21 10:56:17 +01:00
Alvaro Muñoz	010d7df71d	feat(reusable-workflow-models): Reusable workflow MaD Add support to define sources/sinks/summaries for Reusable Workflows as MaD entries.	2024-02-20 11:58:54 +01:00
Alvaro Muñoz	5d1264d3a4	feat(action): update references to qlpacks	2024-02-16 12:56:06 +01:00
Alvaro Muñoz	ebaac5f5cb	fix: enforce input,output,env prefixes in MaD	2024-02-14 14:03:11 +01:00
jorgectf	29b3d6c9ef	Prefix sources with `output.`	2024-02-13 15:00:53 +01:00
jorgectf	6627a858e3	Suffix with `.model`	2024-02-13 13:24:25 +01:00
jorgectf	fa91837f63	Trim yaml	2024-02-13 13:22:18 +01:00
jorgectf	68901e252c	Add some changed-files sources	2024-02-13 13:18:52 +01:00
Alvaro Muñoz	4f0b66ea03	Refactor MaD semantics	2024-02-12 13:47:44 +01:00
Alvaro Muñoz	2eaca7e826	Add support for external definitions	2024-02-09 22:55:10 +01:00

27 Commits