Commits
History for codeql-action/queries
Commits on Jun 2, 2021
-
Update unguarded-action-lib.ql
Robert authored and GitHub committedJun 2, 2021 Unverified
No user is associated with the committer email.Copy the full SHA 61b5618View commit details
Commits on May 31, 2021
-
Use the version from package.json in the runner
Update the ql queries to account for change in how we look for runner Previously, we guarded blocks of code to be run by the runner or the action using if statements like this: ```js if (mode === "actions") ... ``` We are no longer doing this. And now, the `unguarded-action-lib.ql` query is out of date. This query checks that runner code does not unintentionally access actions-only methods in the libraries. With these changes, we now ensure that code scanning is happy.
Andrew Eisenberg committedMay 31, 2021 Copy the full SHA 4164096View commit details
Commits on Apr 23, 2021
-
Robert committed
Apr 23, 2021 Unverified
No user is associated with the committer email.Copy the full SHA 8207018View commit details
Commits on Apr 22, 2021
-
Introduce our own toolcache implementation for use by the runnner
Robert committedApr 22, 2021 Copy the full SHA 8c91ba8View commit details
Commits on Mar 16, 2021
-
call setupActionsVars in the tests too
Robert committedMar 16, 2021 Copy the full SHA 378f30fView commit details -
Make unguarded-action-lib better at ignoring uses of toolcache
Robert committedMar 16, 2021 Copy the full SHA d698cb3View commit details
Commits on Nov 20, 2020
-
Add a query to detect binary planting vulnerabilities.
Chris Gavin committedNov 20, 2020 Unverified
No user is associated with the committer email.Copy the full SHA b03b9feView commit details
Commits on Nov 9, 2020
-
fix: small typo in import-action-entrypoint.ql
0xflotus authored and GitHub committedNov 9, 2020 Unverified
No user is associated with the committer email.Copy the full SHA 1870040View commit details
Commits on Sep 16, 2020
-
Robert Brignull committed
Sep 16, 2020 Unverified
No user is associated with the committer email.Copy the full SHA 090a701View commit details
Commits on Sep 15, 2020
-
Robert Brignull committed
Sep 15, 2020 Copy the full SHA d88fa5cView commit details
Commits on Sep 1, 2020
-
whitelist @actions/exec/lib/toolrunner
Robert Brignull committedSep 1, 2020 Copy the full SHA b4d142eView commit details
Commits on Aug 26, 2020
-
Robert Brignull committed
Aug 26, 2020 Copy the full SHA 217483dView commit details
Commits on Aug 25, 2020
-
Robert Brignull committed
Aug 25, 2020 Copy the full SHA 09677daView commit details
Commits on Aug 17, 2020
-
add query to detect use of actions libs
Robert Brignull committedAug 17, 2020 Copy the full SHA f92a680View commit details
Commits on Jul 16, 2020
-
Robert Brignull committed
Jul 16, 2020 Unverified
No user is associated with the committer email.Copy the full SHA c7c1aa8View commit details
Commits on May 4, 2020
-
Robert Brignull committed
May 4, 2020 Copy the full SHA dcd81b5View commit details -
Create undeclared-action-input.ql
Robert authored and Robert Brignull committedMay 4, 2020 Copy the full SHA d90fca3View commit details
Commits on Apr 28, 2020
-
Initial commit (from f5274cbdce4ae7c9e4b937dcdf95ac70ae436d5f)
anaarmas committedApr 28, 2020 Unverified
No user is associated with the committer email.Copy the full SHA 28ccc3dView commit details
End of commit history for this file