Merge pull request #18356 from github/dbartol/actions-suites

Update suites for Actions queries

actions/ql/src/Security/CWE-829/UnversionedImmutableAction.ql

@@ -7,6 +7,7 @@
  * @id actions/unversioned-immutable-action
  * @tags security
  *       actions
+ *       internal
  *       external/cwe/cwe-829
  */
 

actions/ql/src/codeql-suites/actions-all.qls

@@ -1,4 +1,4 @@
-- description: Standard Code Scanning queries for Actions
+- description: Standard Code Scanning queries for GitHub Actions
 - queries: .
 - include:
     kind:

actions/ql/src/codeql-suites/actions-bughalla.qls

@@ -1,4 +1,4 @@
-- description: Bughalla queries for Actions
+- description: Bughalla queries for GitHub Actions
 - queries: '.'
 - exclude:
     tags contain:

actions/ql/src/codeql-suites/actions-code-scanning.qls

@@ -1,4 +1,4 @@
-- description: Standard Code Scanning queries for Actions
+- description: Standard Code Scanning queries for GitHub Actions
 - queries: '.'
 - include:
     problem.severity: 
@@ -8,4 +8,4 @@
     tags contain:
       - experimental
       - debug
-
+      - internal

actions/ql/src/codeql-suites/actions-security-and-quality.qls

@@ -1,11 +1,2 @@
-- description: Security-and-quality queries for Actions
-- queries: '.'
-- include:
-    problem.severity: 
-      - error
-      - recommendation
-- exclude:
-    tags contain:
-      - experimental
-      - debug
-
+- description: Security-and-quality queries for GitHub Actions
+- import: codeql-suites/actions-security-extended.qls

actions/ql/src/codeql-suites/actions-security-extended.qls

@@ -0,0 +1,2 @@
+- description: Security-extended queries for GitHub Actions
+- import: codeql-suites/actions-code-scanning.qls