github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-28 10:10:17 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,216 Commits 297 Branches 500 Tags
codeql-bundle-20220211
Commit Graph

10 Commits

Author SHA1 Message Date
Robert
61b561867b Update unguarded-action-lib.ql 2021-06-02 16:51:30 +01:00
Andrew Eisenberg
4164096c0d Use the version from package.json in the runner 
Update the ql queries to account for change in how we look for runner

Previously, we guarded blocks of code to be run by the runner or the
action using if statements like this:

```js
if (mode === "actions") ...
```

We are no longer doing this. And now, the `unguarded-action-lib.ql`
query is out of date. This query checks that runner code does not
unintentionally access actions-only methods in the libraries.

With these changes, we now ensure that code scanning is happy.
 2021-05-31 09:34:41 -07:00
Robert
8207018b75 make query more robust 2021-04-23 10:01:28 +01:00
Robert
8c91ba83e2 Introduce our own toolcache implementation for use by the runnner 2021-04-22 15:31:15 +01:00
Robert
378f30f95d call setupActionsVars in the tests too 2021-03-16 13:43:28 +00:00
Robert
d698cb3d2b Make unguarded-action-lib better at ignoring uses of toolcache 2021-03-16 13:14:17 +00:00
Robert Brignull
b4d142e980 whitelist @actions/exec/lib/toolrunner 2020-09-01 14:44:38 +01:00
Robert Brignull
217483dfd6 Convert rest of the actions 2020-08-26 16:20:36 +01:00
Robert Brignull
09677dada5 rename CLI to runner 2020-08-25 17:44:30 +01:00
Robert Brignull
f92a68048c add query to detect use of actions libs 2020-08-17 12:32:22 +01:00