Rename StepsExpression to StepOutputExpression

Author: owen-mc

actions/ql/lib/codeql/actions/Ast.qll

@@ -383,7 +383,12 @@ class GitHubExpression extends SimpleReferenceExpression instanceof GitHubExpres
 
 class SecretsExpression extends SimpleReferenceExpression instanceof SecretsExpressionImpl { }
 
-class StepsExpression extends SimpleReferenceExpression instanceof StepsExpressionImpl {
+/**
+ * DEPRECATED: Use `StepOutputExpression` instead.
+ */
+deprecated class StepsExpression = StepOutputExpression;
+
+class StepOutputExpression extends SimpleReferenceExpression instanceof StepsExpressionImpl {
   string getStepId() { result = super.getStepId() }
 }
 

actions/ql/lib/codeql/actions/dataflow/TaintSteps.qll

@@ -37,7 +37,7 @@ predicate fileDownloadToRunStep(DataFlow::Node pred, DataFlow::Node succ) {
  * A read of the _files field of the dorny/paths-filter action.
  */
 predicate dornyPathsFilterTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof DornyPathsFilterSource and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and
     o.getFieldName().matches("%_files") and
@@ -49,7 +49,7 @@ predicate dornyPathsFilterTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
  * A read of user-controlled field of the tj-actions/changed-files action.
  */
 predicate tjActionsChangedFilesTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof TJActionsChangedFilesSource and
     o.getTarget() = pred.asExpr() and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and
@@ -69,7 +69,7 @@ predicate tjActionsChangedFilesTaintStep(DataFlow::Node pred, DataFlow::Node suc
  * A read of user-controlled field of the tj-actions/verify-changed-files action.
  */
 predicate tjActionsVerifyChangedFilesTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof TJActionsVerifyChangedFilesSource and
     o.getTarget() = pred.asExpr() and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and
@@ -82,7 +82,7 @@ predicate tjActionsVerifyChangedFilesTaintStep(DataFlow::Node pred, DataFlow::No
  * A read of user-controlled field of the xt0rted/slash-command-action action.
  */
 predicate xt0rtedSlashCommandActionTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof Xt0rtedSlashCommandSource and
     o.getTarget() = pred.asExpr() and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and
@@ -95,7 +95,7 @@ predicate xt0rtedSlashCommandActionTaintStep(DataFlow::Node pred, DataFlow::Node
  * A read of user-controlled field of the zentered/issue-forms-body-parser action.
  */
 predicate zenteredIssueFormBodyParserSource(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof ZenteredIssueFormBodyParserSource and
     o.getTarget() = pred.asExpr() and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and
@@ -114,7 +114,7 @@ predicate zenteredIssueFormBodyParserSource(DataFlow::Node pred, DataFlow::Node
  * A read of user-controlled field of the octokit/request-action action.
  */
 predicate octokitRequestActionTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
-  exists(StepsExpression o |
+  exists(StepOutputExpression o |
     pred instanceof OctokitRequestActionSource and
     o.getTarget() = pred.asExpr() and
     o.getStepId() = pred.asExpr().(UsesStep).getId() and

actions/ql/lib/codeql/actions/dataflow/internal/DataFlowPrivate.qll

@@ -150,7 +150,7 @@ newtype TContent =
   TFieldContent(string name) {
     // We only use field flow for env, steps and jobs outputs
     // not for accessing other context fields such as matrix or inputs
-    name = any(StepsExpression a).getFieldName() or
+    name = any(StepOutputExpression a).getFieldName() or
     name = any(NeedsExpression a).getFieldName() or
     name = any(JobsExpression a).getFieldName() or
     name = any(EnvExpression a).getFieldName()
@@ -205,7 +205,7 @@ predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos =
  * field name.
  */
 predicate stepsCtxLocalStep(Node nodeFrom, Node nodeTo) {
-  exists(Uses astFrom, StepsExpression astTo |
+  exists(Uses astFrom, StepOutputExpression astTo |
     madSource(nodeFrom, _, "output." + ["*", astTo.getFieldName()]) and
     astFrom = nodeFrom.asExpr() and
     astTo = nodeTo.asExpr() and
@@ -310,7 +310,7 @@ predicate ctxFieldReadStep(Node node1, Node node2, ContentSet c) {
   exists(SimpleReferenceExpression access |
     (
       access instanceof NeedsExpression or
-      access instanceof StepsExpression or
+      access instanceof StepOutputExpression or
       access instanceof JobsExpression or
       access instanceof EnvExpression
     ) and

actions/ql/lib/codeql/actions/security/UntrustedCheckoutQuery.qll

@@ -33,7 +33,7 @@ private module ActionsMutableRefCheckoutConfig implements DataFlow::ConfigSig {
       )
       or
       // 3rd party actions returning the PR head ref
-      exists(StepsExpression e, UsesStep step |
+      exists(StepOutputExpression e, UsesStep step |
         source.asExpr() = e and
         e.getStepId() = step.getId() and
         (
@@ -86,7 +86,7 @@ private module ActionsSHACheckoutConfig implements DataFlow::ConfigSig {
       )
       or
       // 3rd party actions returning the PR head sha
-      exists(StepsExpression e, UsesStep step |
+      exists(StepOutputExpression e, UsesStep step |
         source.asExpr() = e and
         e.getStepId() = step.getId() and
         (
@@ -243,7 +243,7 @@ class ActionsMutableRefCheckout extends MutableRefCheckoutStep instanceof UsesSt
       exists(string value, Expression expr |
         value.regexpMatch(".*(head|branch|ref).*") and expr = this.getArgumentExpr("ref")
       |
-        expr.(StepsExpression).getStepId() = value
+        expr.(StepOutputExpression).getStepId() = value
         or
         expr.(SimpleReferenceExpression).getFieldName() = value and
         not expr instanceof GitHubExpression
@@ -278,7 +278,7 @@ class ActionsSHACheckout extends SHACheckoutStep instanceof UsesStep {
       exists(string value, Expression expr |
         value.regexpMatch(".*(head|sha|commit).*") and expr = this.getArgumentExpr("ref")
       |
-        expr.(StepsExpression).getStepId() = value
+        expr.(StepOutputExpression).getStepId() = value
         or
         expr.(SimpleReferenceExpression).getFieldName() = value and
         not expr instanceof GitHubExpression