Move data extensions to use codeql org

Author: Dave Bartolomeo

ql/lib/codeql-pack.lock.yml

@@ -2,15 +2,25 @@
 lockVersion: 1.0.0
 dependencies:
   codeql/controlflow:
-    version: 1.0.1
+    version: 1.0.10
   codeql/dataflow:
-    version: 1.0.1
+    version: 1.1.4
+  codeql/javascript-all:
+    version: 2.0.2
+  codeql/mad:
+    version: 1.0.10
+  codeql/regex:
+    version: 1.0.10
   codeql/ssa:
-    version: 1.0.1
+    version: 1.0.10
+  codeql/tutorial:
+    version: 1.0.10
   codeql/typetracking:
-    version: 1.0.1
+    version: 1.0.10
   codeql/util:
-    version: 1.0.1
+    version: 1.0.10
+  codeql/xml:
+    version: 1.0.10
   codeql/yaml:
-    version: 1.0.1
+    version: 1.0.10
 compiled: false

ql/lib/ext/config/argument_injection_sinks.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: argumentInjectionSinksDataModel
     # https://gtfobins.github.io/
     # https://0xn3va.gitbook.io/cheat-sheets/web-application/command-injection/argument-injection

ql/lib/ext/config/context_event_map.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: contextTriggerDataModel 
     data:
       - ["commit_comment", "github.event.comment"] 

ql/lib/ext/config/externally_triggereable_events.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: externallyTriggerableEventsDataModel
     data:
       - ["discussion"]

ql/lib/ext/config/poisonable_steps.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: poisonableActionsDataModel
     # source: https://boostsecurityio.github.io/lotp/
     data:
@@ -13,7 +13,7 @@ extensions:
       - ["qcastel/github-actions-maven/actions/maven"]
       - ["sonarsource/sonarcloud-github-action"]
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: poisonableCommandsDataModel
     # source: https://boostsecurityio.github.io/lotp/
     data:
@@ -61,7 +61,7 @@ extensions:
       - ["yarn"]
       - ["webpack"]
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: poisonableLocalScriptsDataModel
     data:
       # TODO: It could also be in the form of `dir/cmd`

ql/lib/ext/config/untrusted_event_properties.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: untrustedEventPropertiesDataModel 
     data:
       # TITLE

ql/lib/ext/config/untrusted_gh_command.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: untrustedGhCommandDataModel 
     data:
       #

ql/lib/ext/config/untrusted_git_command.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: untrustedGitCommandDataModel 
     data:
       # FILES=$(git diff-tree --no-commit-id --name-only HEAD -r)

ql/lib/ext/config/vulnerable_actions.yml

@@ -1,6 +1,6 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: vulnerableActionsDataModel
     data:
 

ql/lib/ext/config/workflow_runtime_data.yml

@@ -1,9 +1,9 @@
 extensions:
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: repositoryDataModel
     data: []
   - addsTo:
-      pack: github/actions-all
+      pack: codeql/actions-all
       extensible: workflowDataModel
     data: []