security rules: June 2024 Update
```
@ nonfree.audit (+1, -14)
+ go.gorilla.security.audit.session-cookie-samesitenone.session-cookie-samesitenone
- generic.secrets.security.detected-github-token.detected-github-token
- generic.secrets.security.detected-google-gcm-service-account.detected-google-gcm-service-account
- generic.secrets.security.detected-google-oauth-access-token.detected-google-oauth-access-token
- generic.secrets.security.detected-heroku-api-key.detected-heroku-api-key
- generic.secrets.security.detected-hockeyapp.detected-hockeyapp
- generic.secrets.security.detected-jwt-token.detected-jwt-token
- generic.secrets.security.detected-kolide-api-key.detected-kolide-api-key
- generic.secrets.security.detected-mailchimp-api-key.detected-mailchimp-api-key
- generic.secrets.security.detected-mailgun-api-key.detected-mailgun-api-key
- generic.secrets.security.detected-npm-registry-auth-token.detected-npm-registry-auth-token
- generic.secrets.security.detected-outlook-team.detected-outlook-team
- generic.secrets.security.detected-paypal-braintree-access-token.detected-paypal-braintree-access-token
- generic.secrets.security.detected-pgp-private-key-block.detected-pgp-private-key-block
- go.lang.security.audit.net.use-tls.use-tls
@ nonfree.others (+0, -0)
@ nonfree.security_noaudit_novuln (+0, -0)
@ nonfree.vulns (+7, -0)
+ php.lang.security.injection.printed-request.printed-request
+ solidity.security.missing-self-transfer-check-ercx.missing-self-transfer-check-ercx
+ yaml.openapi.security.use-of-basic-authentication.use-of-basic-authentication
+ python.twilio.security.twiml-injection.twiml-injection
+ generic.secrets.gitleaks.cloudflare-global-api-key.cloudflare-global-api-key
+ generic.secrets.gitleaks.cloudflare-api-key.cloudflare-api-key
+ generic.secrets.gitleaks.cloudflare-origin-ca-key.cloudflare-origin-ca-key
@ oss.audit (+0, -0)
@ oss.others (+1, -0)
+ mobsf.mobsfscan.webview.webview_allow_file_from_url.webview_allow_file_from_url
@ oss.security_noaudit_novuln (+0, -0)
@ oss.vulns (+0, -0)
```
thypon committed Jun 1, 2024
1 parent 06e9b54 commit 074c96e
Showing 8 changed files with 3,372 additions and 571 deletions.
1,680 changes: 1,147 additions & 533 deletions assets/semgrep_rules/generated/nonfree/audit.yaml

Large diffs are not rendered by default.
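
Review bot: the rule removals listed in the commit message for nonfree.audit (thirteen generic.secrets.security.detected-* rules plus go.lang.security.audit.net.use-tls) land in audit.yaml, whose diff is not rendered here, so none of them can be checked on this page. The only secret rules the message adds are the three generic.secrets.gitleaks.cloudflare-* entries in nonfree.vulns, and none of those target what the removed detectors covered (GitHub tokens, npm registry tokens, JWTs, PGP private key blocks and the rest). Please confirm that these secret types and the Go TLS check are still covered by another rule set, or say in the commit message that the loss of coverage is intended. The file also shows 1,147 additions and 533 deletions against a rule delta of +1/-14, so the message should say what else changed in it.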

82 changes: 82 additions & 0 deletions assets/semgrep_rules/generated/nonfree/others.yaml
Expand Up @@ -28,6 +28,8 @@ rules:
shortlink: https://sg.run/R5vK
semgrep.dev:
rule:
r_id: 20149
rv_id: 109335
rule_id: BYUKJE
version_id: K3TvjOd
url: https://semgrep.dev/playground/r/K3TvjOd/generic.dockerfile.missing-zypper-no-confirm-switch.missing-zypper-no-confirm-switch
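Review bot: the two lines this hunk adds under semgrep.dev: rule: are not accounted for in the commit message, which records nonfree.others as (+0, -0). The header (-28,6 +28,8) shows two added lines, and by the look of it they are r_id: 20149 and rv_id: 109335, numeric identifiers beside the existing rule_id and version_id. The same two-line addition repeats in every hunk of this file, which is where the 82 additions with 0 deletions come from. Suggest mentioning the new metadata keys in the commit message and confirming that whatever loads these generated YAML files accepts the extra keys, since a strict schema check would otherwise reject every rule in the file at once.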
Expand Down Expand Up @@ -56,6 +58,8 @@ rules:
shortlink: https://sg.run/Y8BW
semgrep.dev:
rule:
r_id: 14114
rv_id: 109969
rule_id: eqUz1k
version_id: LjTqQeA
url: https://semgrep.dev/playground/r/LjTqQeA/javascript.react.correctness.hooks.set-state-no-op.calling-set-state-on-current-state
Expand All @@ -75,6 +79,8 @@ rules:
shortlink: https://sg.run/dKe0
semgrep.dev:
rule:
r_id: 9378
rv_id: 110016
rule_id: 3qUP1E
version_id: w8T9noW
url: https://semgrep.dev/playground/r/w8T9noW/ocaml.lang.compatibility.deprecated.deprecated-pervasives
Expand All @@ -100,6 +106,8 @@ rules:
shortlink: https://sg.run/v2gY
semgrep.dev:
rule:
r_id: 12777
rv_id: 110025
rule_id: DbUKZX
version_id: 7ZTgo3q
url: https://semgrep.dev/playground/r/7ZTgo3q/ocaml.lang.portability.crlf-support.broken-input-line
Expand All @@ -123,6 +131,8 @@ rules:
shortlink: https://sg.run/d0YE
semgrep.dev:
rule:
r_id: 12778
rv_id: 110026
rule_id: WAUPAJ
version_id: LjTqQgo
url: https://semgrep.dev/playground/r/LjTqQgo/ocaml.lang.portability.crlf-support.prefer-read-in-binary-mode
Expand All @@ -146,6 +156,8 @@ rules:
shortlink: https://sg.run/ZkGw
semgrep.dev:
rule:
r_id: 12779
rv_id: 110027
rule_id: 0oUJY9
version_id: 8KTQ9rJ
url: https://semgrep.dev/playground/r/8KTQ9rJ/ocaml.lang.portability.crlf-support.prefer-write-in-binary-mode
Expand All @@ -167,6 +179,8 @@ rules:
shortlink: https://sg.run/Q4ZZ
semgrep.dev:
rule:
r_id: 12786
rv_id: 110028
rule_id: zdU100
version_id: gET3x7z
url: https://semgrep.dev/playground/r/gET3x7z/ocaml.lang.portability.slash-tmp.not-portable-tmp-string
Expand Down Expand Up @@ -220,6 +234,8 @@ rules:
shortlink: https://sg.run/jROJ
semgrep.dev:
rule:
r_id: 9521
rv_id: 110244
rule_id: kxUko3
version_id: K3Tvjl9
url: https://semgrep.dev/playground/r/K3Tvjl9/python.flask.caching.query-string.flask-cache-query-string
Expand All @@ -239,6 +255,8 @@ rules:
shortlink: https://sg.run/weBP
semgrep.dev:
rule:
r_id: 9573
rv_id: 110307
rule_id: nJUz7A
version_id: zyTK8RP
url: https://semgrep.dev/playground/r/zyTK8RP/python.lang.compatibility.python36.python36-compatibility-Popen1
Expand All @@ -258,6 +276,8 @@ rules:
shortlink: https://sg.run/x1Dg
semgrep.dev:
rule:
r_id: 9574
rv_id: 110308
rule_id: EwU2n3
version_id: pZT1y9P
url: https://semgrep.dev/playground/r/pZT1y9P/python.lang.compatibility.python36.python36-compatibility-Popen2
Expand All @@ -277,6 +297,8 @@ rules:
shortlink: https://sg.run/kXn2
semgrep.dev:
rule:
r_id: 9572
rv_id: 110306
rule_id: ZqU5wR
version_id: o5Tglxx
url: https://semgrep.dev/playground/r/o5Tglxx/python.lang.compatibility.python36.python36-compatibility-ssl
Expand All @@ -298,6 +320,8 @@ rules:
shortlink: https://sg.run/vzAb
semgrep.dev:
rule:
r_id: 9577
rv_id: 110311
rule_id: 8GUjbX
version_id: jQTgYO6
url: https://semgrep.dev/playground/r/jQTgYO6/python.lang.compatibility.python37.python37-compatibility-httpconn
Expand All @@ -319,6 +343,8 @@ rules:
shortlink: https://sg.run/dKwd
semgrep.dev:
rule:
r_id: 9578
rv_id: 110312
rule_id: gxU1qd
version_id: 1QTOYgK
url: https://semgrep.dev/playground/r/1QTOYgK/python.lang.compatibility.python37.python37-compatibility-httpsconn
Expand All @@ -340,6 +366,8 @@ rules:
shortlink: https://sg.run/OPDn
semgrep.dev:
rule:
r_id: 9575
rv_id: 110309
rule_id: 7KUQOl
version_id: 2KTzrWz
url: https://semgrep.dev/playground/r/2KTzrWz/python.lang.compatibility.python37.python37-compatibility-importlib
Expand All @@ -361,6 +389,8 @@ rules:
shortlink: https://sg.run/eL3y
semgrep.dev:
rule:
r_id: 9576
rv_id: 110310
rule_id: L1Uy0n
version_id: X0TQxBO
url: https://semgrep.dev/playground/r/X0TQxBO/python.lang.compatibility.python37.python37-compatibility-importlib2
Expand All @@ -382,6 +412,8 @@ rules:
shortlink: https://sg.run/Zv2o
semgrep.dev:
rule:
r_id: 9579
rv_id: 110313
rule_id: QrUzJ9
version_id: 9lTdWDO
url: https://semgrep.dev/playground/r/9lTdWDO/python.lang.compatibility.python37.python37-compatibility-importlib3
Expand All @@ -402,6 +434,8 @@ rules:
shortlink: https://sg.run/LwRo
semgrep.dev:
rule:
r_id: 9583
rv_id: 110317
rule_id: JDUyqR
version_id: NdT3dnB
url: https://semgrep.dev/playground/r/NdT3dnB/python.lang.compatibility.python37.python37-compatibility-ipv4network1
Expand All @@ -422,6 +456,8 @@ rules:
shortlink: https://sg.run/8y3E
semgrep.dev:
rule:
r_id: 9584
rv_id: 110318
rule_id: 5rUO61
version_id: kbTdx4O
url: https://semgrep.dev/playground/r/kbTdx4O/python.lang.compatibility.python37.python37-compatibility-ipv4network2
Expand All @@ -442,6 +478,8 @@ rules:
shortlink: https://sg.run/EkLe
semgrep.dev:
rule:
r_id: 9581
rv_id: 110315
rule_id: 4bUko0
version_id: rxTyLPw
url: https://semgrep.dev/playground/r/rxTyLPw/python.lang.compatibility.python37.python37-compatibility-ipv6network1
Expand All @@ -462,6 +500,8 @@ rules:
shortlink: https://sg.run/7orW
semgrep.dev:
rule:
r_id: 9582
rv_id: 110316
rule_id: PeUZYr
version_id: bZTb10z
url: https://semgrep.dev/playground/r/bZTb10z/python.lang.compatibility.python37.python37-compatibility-ipv6network2
Expand All @@ -483,6 +523,8 @@ rules:
shortlink: https://sg.run/gLeZ
semgrep.dev:
rule:
r_id: 9585
rv_id: 110319
rule_id: GdU72R
version_id: w8T9nQK
url: https://semgrep.dev/playground/r/w8T9nQK/python.lang.compatibility.python37.python37-compatibility-locale1
Expand All @@ -503,6 +545,8 @@ rules:
shortlink: https://sg.run/Q50Q
semgrep.dev:
rule:
r_id: 9586
rv_id: 110320
rule_id: ReUgbz
version_id: xyTKZJZ
url: https://semgrep.dev/playground/r/xyTKZJZ/python.lang.compatibility.python37.python37-compatibility-math1
Expand All @@ -523,6 +567,8 @@ rules:
shortlink: https://sg.run/3xjp
semgrep.dev:
rule:
r_id: 9587
rv_id: 110321
rule_id: AbUzRA
version_id: O9TNOod
url: https://semgrep.dev/playground/r/O9TNOod/python.lang.compatibility.python37.python37-compatibility-multiprocess1
Expand All @@ -543,6 +589,8 @@ rules:
shortlink: https://sg.run/4x1z
semgrep.dev:
rule:
r_id: 9588
rv_id: 110322
rule_id: BYUNE9
version_id: e1T017y
url: https://semgrep.dev/playground/r/e1T017y/python.lang.compatibility.python37.python37-compatibility-multiprocess2
Expand All @@ -563,6 +611,8 @@ rules:
shortlink: https://sg.run/PJWW
semgrep.dev:
rule:
r_id: 9589
rv_id: 110323
rule_id: DbUpQQ
version_id: vdTYNWX
url: https://semgrep.dev/playground/r/vdTYNWX/python.lang.compatibility.python37.python37-compatibility-os1
Expand All @@ -587,6 +637,8 @@ rules:
shortlink: https://sg.run/5Q9X
semgrep.dev:
rule:
r_id: 9591
rv_id: 110324
rule_id: 0oU5vW
version_id: d6TrA98
url: https://semgrep.dev/playground/r/d6TrA98/python.lang.compatibility.python37.python37-compatibility-os2-ok2
Expand All @@ -608,6 +660,8 @@ rules:
shortlink: https://sg.run/GeA2
semgrep.dev:
rule:
r_id: 9592
rv_id: 110325
rule_id: KxUby2
version_id: ZRTQNjx
url: https://semgrep.dev/playground/r/ZRTQNjx/python.lang.compatibility.python37.python37-compatibility-pdb
Expand All @@ -629,6 +683,8 @@ rules:
shortlink: https://sg.run/ndL2
semgrep.dev:
rule:
r_id: 9580
rv_id: 110314
rule_id: 3qUPdy
version_id: yeTR2wy
url: https://semgrep.dev/playground/r/yeTR2wy/python.lang.compatibility.python37.python37-compatibility-textiowrapper
Expand All @@ -651,6 +707,8 @@ rules:
shortlink: https://sg.run/PprN
semgrep.dev:
rule:
r_id: 9701
rv_id: 110496
rule_id: AbUWjy
version_id: GxTv8x6
url: https://semgrep.dev/playground/r/GxTv8x6/python.sqlalchemy.performance.performance-improvements.batch-import
Expand All @@ -671,6 +729,8 @@ rules:
shortlink: https://sg.run/4y8g
semgrep.dev:
rule:
r_id: 9700
rv_id: 110495
rule_id: ReUPOw
version_id: 5PTdeP9
url: https://semgrep.dev/playground/r/5PTdeP9/python.sqlalchemy.performance.performance-improvements.len-all-count
Expand Down Expand Up @@ -702,6 +762,8 @@ rules:
shortlink: https://sg.run/eoAb
semgrep.dev:
rule:
r_id: 15132
rv_id: 110928
rule_id: 8GUzld
version_id: e1T0338
url: https://semgrep.dev/playground/r/e1T0338/terraform.azure.security.keyvault.keyvault-content-type-for-secret.keyvault-content-type-for-secret
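Review bot: the url line puts this rule under terraform.azure.security.keyvault, yet the hunk is in nonfree/others.yaml rather than in one of the security categories named in the commit message (audit, security_noaudit_novuln, vulns). If the generator splits rules by their metadata rather than by the id path, this may be correct. Otherwise, check that keyvault-content-type-for-secret is not being left out of the security rule sets by the classification step.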
Expand Down Expand Up @@ -746,6 +808,8 @@ rules:
shortlink: https://sg.run/okq7
semgrep.dev:
rule:
r_id: 9760
rv_id: 111080
rule_id: j2Uqg5
version_id: LjTqARd
url: https://semgrep.dev/playground/r/LjTqARd/typescript.react.best-practice.define-styled-components-on-module-level.define-styled-components-on-module-level
Expand Down Expand Up @@ -775,6 +839,8 @@ rules:
shortlink: https://sg.run/zkdz
semgrep.dev:
rule:
r_id: 9761
rv_id: 111081
rule_id: 10UZOv
version_id: 8KTQy3O
url: https://semgrep.dev/playground/r/8KTQy3O/typescript.react.best-practice.react-find-dom.react-find-dom
Expand Down Expand Up @@ -806,6 +872,8 @@ rules:
shortlink: https://sg.run/plK3
semgrep.dev:
rule:
r_id: 9762
rv_id: 111082
rule_id: 9AUOdB
version_id: gET3Oro
url: https://semgrep.dev/playground/r/gET3Oro/typescript.react.best-practice.react-legacy-component.react-legacy-component
Expand Down Expand Up @@ -869,6 +937,8 @@ rules:
shortlink: https://sg.run/2bZz
semgrep.dev:
rule:
r_id: 9763
rv_id: 111083
rule_id: yyUvRJ
version_id: QkTWwEY
url: https://semgrep.dev/playground/r/QkTWwEY/typescript.react.best-practice.react-props-in-state.react-props-in-state
Expand Down Expand Up @@ -901,6 +971,8 @@ rules:
shortlink: https://sg.run/XL5l
semgrep.dev:
rule:
r_id: 9764
rv_id: 111084
rule_id: r6Uky5
version_id: 3ZTkr2Z
url: https://semgrep.dev/playground/r/3ZTkr2Z/typescript.react.best-practice.react-props-spreading.react-props-spreading
Expand Down Expand Up @@ -966,6 +1038,8 @@ rules:
shortlink: https://sg.run/Y4oX
semgrep.dev:
rule:
r_id: 20158
rv_id: 111085
rule_id: oqUKJr
version_id: 44TR6bp
url: https://semgrep.dev/playground/r/44TR6bp/typescript.react.portability.i18next.i18next-key-format.i18next-key-format
Expand Down Expand Up @@ -1000,6 +1074,8 @@ rules:
shortlink: https://sg.run/6kv6
semgrep.dev:
rule:
r_id: 20159
rv_id: 111086
rule_id: zdUGrY
version_id: PkTJde4
url: https://semgrep.dev/playground/r/PkTJde4/typescript.react.portability.i18next.jsx-label-not-i18n.jsx-label-not-i18n
Expand Down Expand Up @@ -1033,6 +1109,8 @@ rules:
shortlink: https://sg.run/DeKW
semgrep.dev:
rule:
r_id: 20052
rv_id: 111087
rule_id: KxUwo1
version_id: JdTNvnX
url: https://semgrep.dev/playground/r/JdTNvnX/typescript.react.portability.i18next.jsx-not-internationalized.jsx-not-internationalized
Expand Down Expand Up @@ -1061,6 +1139,8 @@ rules:
shortlink: https://sg.run/WDvz
semgrep.dev:
rule:
r_id: 20053
rv_id: 111088
rule_id: qNUpO8
version_id: 5PTde7b
url: https://semgrep.dev/playground/r/5PTde7b/typescript.react.portability.i18next.mui-snackbar-message.mui-snackbar-message
Expand Down Expand Up @@ -1093,6 +1173,8 @@ rules:
shortlink: https://sg.run/oR37
semgrep.dev:
rule:
r_id: 24016
rv_id: 111089
rule_id: nJUPJL
version_id: GxTv8ld
url: https://semgrep.dev/playground/r/GxTv8ld/typescript.react.portability.i18next.useselect-label-not-i18n.useselect-label-not-i18n