CodeQL library for GitHub Actions
codeql/actions-all 0.4.27-dev (changelog, source)
Index
Search

Module FlowSteps

Provides classes representing various flow steps for taint tracking.

Import path

import codeql.actions.dataflow.FlowSteps

Predicates

commandToEnvStoreStep

A command whose output gets assigned to an environment variable or step output. - run: | echo “foo=$(cmd)” >> “$GITHUB_ENV” - run: | foo=$(<cmd)" echo “bar=${foo}” >> “$GITHUB_ENV”

commandToOutputStoreStep

A command whose output gets assigned to an environment variable or step output. - run: | echo “foo=$(cmd)” >> “$GITHUB_OUTPUT” - run: | foo=$(<cmd)" echo “bar=${foo}” >> “$GITHUB_OUTPUT”

envToEnvStoreStep
envToOutputStoreStep

Holds if a Run step declares an environment variable, uses it in its script and sets an output in its script. e.g. - name: Extract and Clean Initial URL id: extract-url env: BODY: ${{ github.event.comment.body }} run: | echo “::set-output name=foo::$BODY” echo “foo=$(echo $BODY)” >> $GITHUB_OUTPUT echo “foo=$(echo $BODY)” >> “$GITHUB_OUTPUT” echo “::set-output name=step-output::$BODY”