Ben Cambourne
I tested semgrep v1.17.1, and the issue is still there, but I see #7472 is fixed post this release. I'll test again when the next version comes out.
> Instead of --test simply ignoring paths constraints (which sounds reasonable and probably works well), there's the option to leverage the fact that everything matching rule-name* is initially assessed as...
> Btw, if you do need multiple files for the same rule (that do not require a file tree) you can have multiple `rule-name.WHATEVER.extension` files and all will be picked...
Whilst the exact suggestion in the original post of ignoring the `paths.include` and scanning the matched test file still doesn't work (v1.6.0), the enhancement in #6883 to allow scanning directories...
I think having a docker file will be beneficial.
https://github.com/outflanknl/RedELK/pull/298
I think all patterns, even the anti-patterns (bad practices), should be covered so that a rule trying to find something (e.g. XSS) will work no matter how the module was...
Choosing to use black will mean a big patch at first to get the code in the black style formatting, but going forward will make PRs more straightforward as...