From bf015f2cb891c949ea9f426fcb18c2deab852d59 Mon Sep 17 00:00:00 2001
From: Jeongsoo Lee
Date: Fri, 25 Aug 2023 14:13:06 -0700
Subject: [PATCH 1/4] MaD: 1.0.0, queries: 1.0.1
---
 .github/codeql/extensions/qlpack.yml | 4 ++--
 src/qlpack.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/codeql/extensions/qlpack.yml b/.github/codeql/extensions/qlpack.yml
index b3e5c6c77..2109a9744 100644
--- a/.github/codeql/extensions/qlpack.yml
+++ b/.github/codeql/extensions/qlpack.yml
@@ -1,9 +1,9 @@
 ---
 library: true
 name: advanced-security/javascript-sap-ui5-extensions
-version: 0.0.1
+version: 1.0.0
 extensionTargets:
 codeql/javascript-all: "*"
 codeql/javascript-queries: "*"
 dataExtensions:
- - ui5-data-extensions.yml
\ No newline at end of file
+ - ui5-data-extensions.yml
diff --git a/src/qlpack.yml b/src/qlpack.yml
index d67bd714c..bcdd4a9a7 100644
--- a/src/qlpack.yml
+++ b/src/qlpack.yml
@@ -1,7 +1,7 @@
 ---
 library: true
 name: advanced-security/javascript-sap-ui5-queries
-version: 0.0.1
+version: 1.0.1
 extractor: javascript
 dependencies:
 codeql/javascript-all: "^0.6.3"
From a513710544684140d46779971ee8ed0474e71195 Mon Sep 17 00:00:00 2001
From: Jeongsoo Lee
Date: Tue, 29 Aug 2023 16:29:05 -0700
Subject: [PATCH 2/4] Fix semvers and set up suite
---
 .github/codeql/extensions/qlpack.yml | 6 +++---
 src/codeql-suites/javascript-sap-ui5.qls | 6 ++++++
 src/qlpack.yml | 5 ++++-
 3 files changed, 13 insertions(+), 4 deletions(-)
 create mode 100644 src/codeql-suites/javascript-sap-ui5.qls
diff --git a/.github/codeql/extensions/qlpack.yml b/.github/codeql/extensions/qlpack.yml
index 2109a9744..4c967b2fa 100644
--- a/.github/codeql/extensions/qlpack.yml
+++ b/.github/codeql/extensions/qlpack.yml
@@ -1,9 +1,9 @@
 ---
 library: true
 name: advanced-security/javascript-sap-ui5-extensions
-version: 1.0.0
+version: 0.1.0
 extensionTargets:
- codeql/javascript-all: "*"
- codeql/javascript-queries: "*"
+ codeql/javascript-all: "^0.6.3"
+ codeql/javascript-queries: "^0.6.3"
 dataExtensions:
 - ui5-data-extensions.yml
diff --git a/src/codeql-suites/javascript-sap-ui5.qls b/src/codeql-suites/javascript-sap-ui5.qls
new file mode 100644
index 000000000..71acf944a
--- /dev/null
+++ b/src/codeql-suites/javascript-sap-ui5.qls
@@ -0,0 +1,6 @@
+- qlpack: advanced-security/javascript-sap-ui5-queries
+- exclude:
+ id:
+ - js/log-injection
+ - js/missing-x-frame-options
+ - js/xss
diff --git a/src/qlpack.yml b/src/qlpack.yml
index bcdd4a9a7..9174d9eba 100644
--- a/src/qlpack.yml
+++ b/src/qlpack.yml
@@ -1,7 +1,10 @@
 ---
 library: true
 name: advanced-security/javascript-sap-ui5-queries
-version: 1.0.1
+version: 0.1.0
+suites: codeql-suites
 extractor: javascript
+defaultSuiteFile: codeql-suites/javascript-sap-ui5.qls
 dependencies:
 codeql/javascript-all: "^0.6.3"
+ advanced-security/javascript-sap-ui5-extensions: "^0.0.1"
From 8fee346e6349b00efe1a54f9b0fcce7d8666ece6 Mon Sep 17 00:00:00 2001
From: Jeongsoo Lee
Date: Wed, 30 Aug 2023 10:41:12 -0700
Subject: [PATCH 3/4] Fix dependencies version
---
 src/qlpack.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qlpack.yml b/src/qlpack.yml
index 9174d9eba..5b59b84cc 100644
--- a/src/qlpack.yml
+++ b/src/qlpack.yml
@@ -7,4 +7,4 @@ extractor: javascript
 defaultSuiteFile: codeql-suites/javascript-sap-ui5.qls
 dependencies:
 codeql/javascript-all: "^0.6.3"
- advanced-security/javascript-sap-ui5-extensions: "^0.0.1"
+ advanced-security/javascript-sap-ui5-extensions: "^0.1.0"
From a7029c0a321afd58169201b40cac34c45a125820 Mon Sep 17 00:00:00 2001
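Review bot: In `.github/codeql/extensions/qlpack.yml` (patch 2/4), the new `extensionTargets` ranges `"^0.6.3"` are narrower than they look. Under the usual semver caret rule for 0.x versions they match only 0.6.x, and as far as I understand CodeQL does not apply a model pack to a target outside its range rather than failing. Once the CLI used in CI bundles `codeql/javascript-all` 0.7 or later, the UI5 models would drop out silently and the scan would report fewer results with no error. I would document the coupling above the block, e.g. `# Must cover the codeql/javascript-* versions bundled with the CodeQL CLI used in CI; outside this range the models are not applied`, and have CI verify that the extension pack is actually resolved for the run.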
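Review bot: In the new `src/codeql-suites/javascript-sap-ui5.qls` (patch 2/4), `- qlpack: advanced-security/javascript-sap-ui5-queries` may be self-referential. As I understand the suite syntax, `qlpack` resolves to the named pack's default suite when it has one, and this same commit makes this file that pack's `defaultSuiteFile`. Selecting by path avoids depending on how that resolves: `- queries: .` followed by `  from: advanced-security/javascript-sap-ui5-queries`. A leading `- description:` entry stating which queries the suite is meant to run would also make a later accidental narrowing visible in review.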
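Review bot: `src/qlpack.yml` (patch 2/4) gains `suites` and `defaultSuiteFile` while the context line `library: true` stays in place. CodeQL documents library packs as holding no runnable queries, so a default suite on such a pack looks contradictory. If this pack is meant to publish the UI5 queries, the flag should read `library: false`; if it really is a library, the suite belongs in a separate query pack. It is worth confirming with `codeql resolve queries` against the suite before publishing, since a pack that resolves to zero queries produces a clean-looking scan.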
From: Jeongsoo Lee
Date: Wed, 30 Aug 2023 11:09:04 -0700
Subject: [PATCH 4/4] Don't exclude these As they are not included in the first place
---
 src/codeql-suites/javascript-sap-ui5.qls | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/src/codeql-suites/javascript-sap-ui5.qls b/src/codeql-suites/javascript-sap-ui5.qls
index 71acf944a..c63820839 100644
--- a/src/codeql-suites/javascript-sap-ui5.qls
+++ b/src/codeql-suites/javascript-sap-ui5.qls
@@ -1,6 +1 @@
 - qlpack: advanced-security/javascript-sap-ui5-queries
-- exclude:
- id:
- - js/log-injection
- - js/missing-x-frame-options
- - js/xss