mirror of
https://github.com/openclaw/openclaw.git
synced 2026-05-06 06:50:43 +00:00
58 lines
1.3 KiB
YAML
58 lines
1.3 KiB
YAML
name: openclaw-codeql-javascript-typescript-critical-security
|
|
|
|
disable-default-queries: true
|
|
|
|
queries:
|
|
- uses: security-extended
|
|
|
|
query-filters:
|
|
- include:
|
|
precision:
|
|
- high
|
|
- very-high
|
|
- exclude:
|
|
problem.severity:
|
|
- recommendation
|
|
- warning
|
|
|
|
paths:
|
|
- src/agents/*auth*.ts
|
|
- src/agents/**/*auth*.ts
|
|
- src/agents/auth-health*.ts
|
|
- src/agents/auth-profiles
|
|
- src/agents/bash-tools.exec-host-shared.ts
|
|
- src/agents/sandbox
|
|
- src/agents/sandbox.ts
|
|
- src/agents/sandbox-*.ts
|
|
- src/config/*secret*.ts
|
|
- src/config/**/*secret*.ts
|
|
- src/cron/service/jobs.ts
|
|
- src/cron/stagger.ts
|
|
- src/gateway/*auth*.ts
|
|
- src/gateway/**/*auth*.ts
|
|
- src/gateway/*secret*.ts
|
|
- src/gateway/**/*secret*.ts
|
|
- src/gateway/protocol/**/*secret*.ts
|
|
- src/gateway/resolve-configured-secret-input-string*.ts
|
|
- src/gateway/security-path*.ts
|
|
- src/gateway/server-methods/secrets*.ts
|
|
- src/infra/secret-file*.ts
|
|
- src/secrets
|
|
- src/security
|
|
|
|
paths-ignore:
|
|
- "**/node_modules"
|
|
- "**/coverage"
|
|
- "**/*.generated.ts"
|
|
- "**/*.bundle.js"
|
|
- "**/*-runtime.js"
|
|
- "**/*.test.ts"
|
|
- "**/*.test.tsx"
|
|
- "**/*.e2e.test.ts"
|
|
- "**/*.e2e.test.tsx"
|
|
- "**/*test-support*"
|
|
- "**/*test-helper*"
|
|
- "**/*mock*"
|
|
- "**/*fixture*"
|
|
- "**/*bench*"
|