github/codeql-action
0
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2026-04-02 17:52:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

add explanation to query

Browse Source
This commit is contained in:
Robert Brignull
2020-09-16 11:03:19 +01:00
parent 4c4114f2d8
commit 090a7013dd
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
queries/required-action-input.ql
View File

@@ -87,6 +87,10 @@ class CoreGetInputMethodCallExpr extends MethodCallExpr {
from ActionDeclaration action, CoreGetInputMethodCallExpr getInputCall, string inputName, string alternateFunction
where action.getAnInput() = inputName
// We don't want to create an alert for the users core.getInput in the getRequiredInput
// and getOptionalInput functions themselves, and this check here does that in a
// roundabout way by checking the parameter is a string literal. This should be enough
// and hopefully won't discount any real calls to core.getInput, but is worth noting here.
and getInputCall.getInputName() = inputName
and ((action.inputAlwaysHasValue(inputName) and alternateFunction = "getRequiredInput")
or (not action.inputAlwaysHasValue(inputName) and alternateFunction = "geOptionalInput"))