Fix expression always true query

Alvaro Muñoz · Alvaro Muñoz · commit 46d2bb24e52c · 2024-04-20T22:57:22.000+02:00
diff --git a/ql/lib/qlpack.yml b/ql/lib/qlpack.yml
@@ -2,7 +2,7 @@
 library: true
 warnOnImplicitThis: true
 name: githubsecuritylab/actions-all
-version: 0.0.12
+version: 0.0.13
 dependencies:
   codeql/util: ^0.2.0
   codeql/yaml: ^0.1.2
diff --git a/ql/src/Security/CWE-571/ExpressionIsAlwaysTrue.ql b/ql/src/Security/CWE-571/ExpressionIsAlwaysTrue.ql
@@ -15,6 +15,7 @@ import actions
 
 from If i
 where
+  i.getCondition().matches("%${{%") and
   i.getConditionStyle() = ["|", ">"]
   or
   i.getCondition().matches("%${{%") and
diff --git a/ql/src/qlpack.yml b/ql/src/qlpack.yml
@@ -1,7 +1,7 @@
 ---
 library: false
 name: githubsecuritylab/actions-queries
-version: 0.0.12
+version: 0.0.13
 groups:
   - actions
   - queries
