CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.13 (changelog, source)
Index
Search

Module Actions

Libraries for modeling GitHub Actions workflow files written in YAML. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions.

Import path

import semmle.javascript.Actions

Predicates

getASimpleReferenceExpression

Holds if ${{ e }} is a GitHub Actions expression evaluated within this YAML string. See https://docs.github.com/en/free-pro-team@latest/actions/reference/context-and-expression-syntax-for-github-actions. Only finds simple expressions like ${{ github.event.comment.body }}, where the expression contains only alphanumeric characters, underscores, dots, or dashes. Does not identify more complicated expressions like ${{ fromJSON(env.time) }}, or ${{ format(‘{{Hello {0}!}}’, github.event.head_commit.author.name) }}

getEnvName

Extracts the ‘name’ part from env.name

Classes

CompositeAction

A custom composite action. This is a mapping at the top level of an Actions YAML action file. See https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions.

Env

A common class for env in workflow, job or step.

Job

An Actions job within a workflow. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobs.

JobEnv

A job level env mapping.

JobIf

An if within a job. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idif.

JobRunson

A runs-on within a job. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on.

On

An Actions On trigger within a workflow. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#on.

Ref

A ref: field within an Actions with: specific to actions/checkout action.

Run

A run field within an Actions job step, which runs command-line programs using an operating system shell. See https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun.

Runs

An runs mapping in a custom composite action YAML. See https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs

Step

A step within an Actions job. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idsteps.

StepEnv

A step level env mapping.

StepIf

An if within a step. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsif.

StepsContainer

The parent class of the class that can contain steps mappings. (Job or Runs currently.)

Uses

A uses field within an Actions job step, which references an action as a reusable unit of code. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsuses.

Using

A using mapping in a custom composite action YAML.

With

A with field within an Actions job step, which references an action as a reusable unit of code. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepswith.

Workflow

An Actions workflow. This is a mapping at the top level of an Actions YAML workflow file. See https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions.

WorkflowEnv

A workflow level env mapping.