mschwager
mschwager
This bug was discovered here: https://github.com/simplesamlphp/simplesamlphp/issues/611 Basically, I believe our code is making relative links relative to the hostname instead of the hostname + directory of the current URL.
``` $ semgrep --version 0.10.1 ``` Consider the following Python code: ``` $ cat test.py import os.path.join ``` When using a pattern looking for imports we get the following results:...
We currently allow one or more rules per YAML configuration file. This is nice for grouping multiple, similar rules together, but can make it difficult for other systems to analyze...
Hi there, Thanks so much for creating `ipdb`, I use it every day. I'd like to create a Python script that has data piped to it then drops into an...
Hey all, Often when checking a user's contribution history it's interesting to know the total contribution count. We can sum the years by hand, but it'd be awesome if this...
As discussed here: https://github.com/twisted/ldaptor/pull/74 We've recently added custom string escaping functionality when programatically creating LDAP filter strings. It would be great if we added similar functionality when parsing filters as...
Nginx has a notorious issue with `if` directives: [If Is Evil](https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/). It'd be awesome if `Gixy` could detect these problematic cases.
https://github.com/Bo0oM/PHP_imap_open_exploit :)
Calling `create_function` is effectively an `eval` call and thus should be avoided :) https://secure.php.net/manual/en/function.create-function.php
Similar to preferring strict comparisons (`===` vs. `==`), it'd be great to include a check for non-strict calls to `in_array`. I.e. ensure `in_array($needle, $haystack, true)`.