codeql icon indicating copy to clipboard operation
codeql copied to clipboard

Published 20 hours ago verified publisher icon github

JS: Remove legacy actions queries

Open asgerf opened this issue 4 months ago • 1 comments
trafficstars

Removes three queries from the JS qlpack, which have been superseded by newer queries that are part of the Actions qlpack:

  • js/actions/pull-request-target has been superseded by actions/untrusted-checkout/{medium,high,critical}
  • js/actions/actions-artifact-leak has been supersded by actions/secrets-in-artifacts
  • js/actions/command-injection has been superseded by actions/command-injection/{medium,critical}

asgerf avatar Jun 23 '25 12:06 asgerf

QHelp previews:

github-actions[bot] avatar Jun 23 '25 12:06 github-actions[bot]