Consultas do GitHub Actions para análise CodeQL

CodeQL includes many queries for analyzing workflows used by GitHub Actions. All queries in the default query suite are run by default. If you choose to use the security-extended query suite, additional queries are run. For more information, see CodeQL query suites.

Built-in queries for workflow analysis

This table lists the queries available with the latest release of the CodeQL action and CodeQL CLI. For more information, see CodeQL change logs in the CodeQL documentation site.

Observação

The initial release of GitHub Enterprise Server 3.18 included CodeQL action and CodeQL CLI 2.21.4, which may not include all of these queries. Your site administrator can update your CodeQL version to a newer release. For more information, see Configuring code scanning for your appliance.

Query name	Related CWEs	Default	Extended	Copilot Autofix
Artifact poisoning	829
Cache Poisoning via caching of untrusted files	349
Cache Poisoning via execution of untrusted code	349
Cache Poisoning via low-privileged code injection	349, 094
Checkout of untrusted code in a privileged context	829
Checkout of untrusted code in trusted context	829
Code injection	094, 095, 116
Environment variable built from user-controlled sources	077, 020
Excessive Secrets Exposure	312
Improper Access Control	285
PATH environment variable built from user-controlled sources	077, 020
Storage of sensitive information in GitHub Actions artifact	312
Unmasked Secret Exposure	312
Untrusted Checkout TOCTOU	367
Untrusted Checkout TOCTOU	367
Use of a known vulnerable action	1395
Workflow does not contain permissions	275
Artifact poisoning	829
Checkout of untrusted code in trusted context	829
Code injection	094, 095, 116
Environment variable built from user-controlled sources	077, 020
PATH environment variable built from user-controlled sources	077, 020
Unpinned tag for a non-immutable Action in workflow	829

Quem pode usar esse recurso?

Built-in queries for workflow analysis