Module ConfigExtensions
This module provides extensible predicates for defining MaD models.
Import path
import codeql.actions.config.ConfigExtensions
Predicates
actionsPermissionsDataModel | Holds if |
argumentInjectionSinksDataModel | Holds for arguments to commands that execute the given argument |
contextTriggerDataModel | Holds if a context expression starting with context_prefix is available for a given trigger. |
externallyTriggerableEventsDataModel | Holds if a given trigger event can be fired by an external actor. |
immutableActionsDataModel | Holds for actions that are known to be immutable. |
poisonableActionsDataModel | Holds for actions that can be poisoned through local files. |
poisonableCommandsDataModel | Holds for strings that match poisonable commands. |
poisonableLocalScriptsDataModel | Holds for strings that match poisonable local scripts. |
repositoryDataModel | Holds if repository data model exists for the given parameters. |
trustedActionsOwnerDataModel | Holds for trusted Actions owners. |
untrustedEventPropertiesDataModel | Holds for event properties that can be user-controlled. |
untrustedGhCommandDataModel | Holds for gh commands that may introduce untrusted data |
untrustedGitCommandDataModel | Holds for git commands that may introduce untrusted data when called on an attacker controlled branch. |
vulnerableActionsDataModel | Holds for actions that are known to be vulnerable. |
workflowDataModel | Holds if workflow data model exists for the given parameters. |