
Semgrep rules registry

Results 99 semgrep-rules issues

https://semgrep.live/7KvR?registry=python.lang.maintainability.useless-innerfunction&sourceurl=https%3A%2F%2Fraw.githubusercontent.com%2Fdropbox%2Fdropbox-api-v2-repl%2Fa057a71995e12fb4cd2fff6fa4d917969e665fda%2Frepl.py

priority:low

**Rule Description** https://github.com/jesusprubio/strong-node CC @inkz *What does this rule intend to find?* **Examples or references** *Put an example or references here* **Additional information** *More information that would help someone write...

check
lang:javascript
priority:low

**Describe the bug** The rule [`generic.dockerfile.correctness.copy-from-own-alias.copy-from-own-alias`](https://semgrep.dev/r?q=generic.dockerfile.correctness.copy-from-own-alias.copy-from-own-alias) matches the following code:

```Dockerfile
FROM gradle:jdk11 as cache
RUN stuff
FROM other:1.0 as builder
COPY --from=cache /cache /home/gradle/.gradle
FROM image:3 as deploy
RUN...
```

bug
blocked

see https://github.com/returntocorp/semgrep-rules/pull/1698

bug
priority:low

**Rule Description** use `req.ips` instead of `req.ip` for logging *What does this rule intend to find?* **Examples or references**

```javascript
const express = require('express')
const app = express()
const port =...
```

lang:javascript
priority:low

**Rule Description** app listen without host: > If host is omitted, the server will accept connections on the unspecified IPv6 address (::) when IPv6 is available, or the unspecified IPv4...

lang:javascript
priority:low

**Check Description** An experimental package, `syscall/js`, looks like it has the capability to serialize and unserialize WASM. https://www.godoc.org/syscall/js#CopyBytesToGo Based on this issue here: `https://github.com/golang/go/issues/39129` - [ ] This ticket...

check
security
actionable-med
lang:golang

**Check Description** cf. https://github.com/OWASP/Go-SCP/blob/master/dist/go-webapp-scp.pdf, pg. 12 cf. https://ilyaglotov.com/blog/servemux-and-path-traversal - [ ] This ticket has links, references, or examples. - [ ] Your check has true positive and true negative test...

check
security
actionable-med
path traversal
lang:golang

**Check Description** cf. https://find-sec-bugs.github.io/bugs.htm#ENTITY_MASS_ASSIGNMENT - [x] This ticket has links, references, or examples. - [ ] Your check has true positive and true negative test cases. - [ ] Your...

check
security
actionable-med
blocked
injection
lang:java

**Description** Running a scan with the cli using a rule that has a fix definition and passing in the --autofix flag to implement the fix rewrites CRLF line separators to...

bug