CodeQL library for GitHub Actions
codeql/actions-all 0.4.27-dev (changelog, source)
Index
Search

Module ArtifactPoisoningQuery

Import path

import codeql.actions.security.ArtifactPoisoningQuery

Imports

ControlChecks
DataFlow

Provides classes for performing local (intra-procedural) and global (inter-procedural) data flow analyses.

FlowSources
PoisonableSteps
UntrustedCheckoutQuery
actions

Predicates

getRelevantEventInPrivilegedContext

Gets the event that is relevant for the given node in the context of artifact poisoning.

unzipDirArgRegexp
unzipRegexp

Classes

ActionsGitHubScriptDownloadStep
ArtifactPoisoningSink
DirectArtifactDownloadStep
DownloadArtifactActionStep
GHRunArtifactDownloadStep
GitHubDownloadArtifactActionStep
LegitLabsDownloadArtifactActionStep
UntrustedArtifactDownloadStep

Aliases

ArtifactPoisoningFlow

Tracks flow of unsafe artifacts that is used in an insecure way.