github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-23 15:50:11 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,341 Commits 297 Branches 500 Tags
311b632b9daa1d10f144864298c4fadb51a47c97
Commit Graph

33 Commits

Author SHA1 Message Date
Henry Mercer
b58f4471c8 Use @actions/io to locate binaries 2024-12-19 14:21:06 +00:00
Henry Mercer
a2619f68c8 Internal queries: Replace deprecated predicates 2024-01-24 12:14:58 +00:00
Paolo Tranquilli
765807bee7 Add RUNNER_ENVIRONMENT to the list of known default setup variables 2023-09-20 14:08:00 +02:00
Henry Mercer
97ce1b094a Ignore test files in env vars query 2023-08-07 17:31:09 +01:00
Henry Mercer
ba5812e64f Add ImageVersion to safe env vars for default setup 2023-08-07 17:29:12 +01:00
Henry Mercer
9632771630 Address review comments 2023-05-31 14:23:43 +01:00
Henry Mercer
d427c89ed7 Ignore internal Actions 2023-05-30 20:31:56 +01:00
Henry Mercer
125ff5530c Fix deprecation warnings 2023-05-30 20:31:40 +01:00
Henry Mercer
86ead5e019 Only flag up the deepest properties 2023-05-30 19:50:56 +01:00
Henry Mercer
eac5e24aee Downgrade query severity to warning 2023-05-16 11:06:13 +01:00
Henry Mercer
8065746a2a Add query to find context variables that may not work with default setup 2023-05-12 19:35:08 +01:00
Henry Mercer
abb267d186 Add query to identify env vars that may not work with default setup 2023-05-12 18:46:31 +01:00
Henry Mercer
9953504776 Use new packaging mechanism for internal queries 2023-05-11 18:43:36 +01:00
Henry Mercer
182342cdd7 Remove unguarded Actions library query 
It is enough to pass the checks now that we only use the runner for PR
checks.
 2022-08-24 11:50:07 +01:00
Chuan-kai Lin
70b730eb7d Add RAM and threads options to init action 2021-10-28 15:09:59 -07:00
Robert
61b561867b Update unguarded-action-lib.ql 2021-06-02 16:51:30 +01:00
Andrew Eisenberg
4164096c0d Use the version from package.json in the runner 
Update the ql queries to account for change in how we look for runner

Previously, we guarded blocks of code to be run by the runner or the
action using if statements like this:

```js
if (mode === "actions") ...
```

We are no longer doing this. And now, the `unguarded-action-lib.ql`
query is out of date. This query checks that runner code does not
unintentionally access actions-only methods in the libraries.

With these changes, we now ensure that code scanning is happy.
 2021-05-31 09:34:41 -07:00
Robert
8207018b75 make query more robust 2021-04-23 10:01:28 +01:00
Robert
8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
Robert
378f30f95d call setupActionsVars in the tests too 2021-03-16 13:43:28 +00:00
Robert
d698cb3d2b Make unguarded-action-lib better at ignoring uses of toolcache 2021-03-16 13:14:17 +00:00
Chris Gavin
b03b9fe641 Add a query to detect binary planting vulnerabilities. 2020-11-20 11:34:33 +00:00
0xflotus
1870040fac fix: small typo in import-action-entrypoint.ql 2020-11-10 00:38:46 +01:00
Robert Brignull
090a7013dd add explanation to query 2020-09-16 11:03:19 +01:00
Robert Brignull
d88fa5cef6 Add queries 2020-09-15 18:33:37 +01:00
Robert Brignull
b4d142e980 whitelist @actions/exec/lib/toolrunner 2020-09-01 14:44:38 +01:00
Robert Brignull
217483dfd6 Convert rest of the actions 2020-08-26 16:20:36 +01:00
Robert Brignull
09677dada5 rename CLI to runner 2020-08-25 17:44:30 +01:00
Robert Brignull
f92a68048c add query to detect use of actions libs 2020-08-17 12:32:22 +01:00
Robert Brignull
c7c1aa8045 fix undeclared action inputs 2020-07-16 14:54:15 +01:00
Robert Brignull
dcd81b5847 Make use of getContainer 2020-05-04 15:16:23 +01:00
Robert
d90fca396a Create undeclared-action-input.ql 2020-05-04 14:16:59 +01:00
anaarmas
28ccc3db2d Initial commit (from f5274cbdce4ae7c9e4b937dcdf95ac70ae436d5f) 2020-04-28 17:23:37 +02:00