Flag up functionality that may not exist in default setup workflows #1678

Merged
merged 9 commits into from May 31, 2023

henrymercer
Contributor

@henrymercer henrymercer commented May 12, 2023

This PR adds two internal CodeQL queries to identify environment variables and Actions context variables that may not work with default setup.

While we're here, we switch libraryPathDependencies to dependencies and modify the "Inconsistent Action inputs" query to ignore internal Actions.

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@henrymercer henrymercer changed the title Add CodeQL queries to safeguard against using functionality that may not exist in default setup workflows Flag up functionality that may not exist in default setup workflows May 30, 2023
@henrymercer henrymercer marked this pull request as ready for review May 30, 2023 21:06
@henrymercer henrymercer requested a review from a team as a code owner May 30, 2023 21:06
Contributor

@aeisenberg aeisenberg left a comment

Nice. I think I understand the QL.

Contributor

@aeisenberg aeisenberg left a comment

Nice.

@henrymercer henrymercer merged commit 89c4c9e into main May 31, 2023
325 checks passed
@henrymercer henrymercer deleted the henrymercer/default-setup-safeguarding branch May 31, 2023 16:33
@github-actions github-actions bot mentioned this pull request Jun 1, 2023
6 tasks