CodeQL library for GitHub Actions
codeql/actions-all 0.4.27-dev (changelog, source)
Index
Search

Module ExternalFlow

Import path

import codeql.actions.dataflow.ExternalFlow

Predicates

actionsSinkModel

MaD sinks Fields: - action: Fully-qualified action name (NWO) - version: Either ‘*’ or a specific SHA/Tag - input: sink node (prefixed with either env. or input.) - kind: sink kind - provenance: verification of the model

actionsSourceModel

MaD sources Fields: - action: Fully-qualified action name (NWO) - version: Either ‘*’ or a specific SHA/Tag - output arg: To node (prefixed with either env. or output.) - provenance: verification of the model

actionsSummaryModel

MaD summaries Fields: - action: Fully-qualified action name (NWO) - version: Either ‘*’ or a specific SHA/Tag - input arg: From node (prefixed with either env. or input.) - output arg: To node (prefixed with either env. or output.) - kind: Either ‘Taint’ or ‘Value’ - provenance: verification of the model

madSink

Holds if sink is a MaD-defined sink for a given taint kind.

madSource

Holds if source.fieldName is a MaD-defined source of a given taint kind.

madStoreStep

Holds if the data flow from pred to succ is a MaD store step.