
Semgrep rules registry

Results: 99 semgrep-rules issues

Bumps [aiohttp](https://github.com/aio-libs/aiohttp) from 3.9.2 to 3.9.4. Release notes Sourced from aiohttp's releases. 3.9.4 Bug fixes The asynchronous internals now set the underlying causes when assigning exceptions to the future objects...

dependencies
python

Wahoo! New published rules with `dobigs43_personal_org.sans540_semgrep` from @dobigs43. See [semgrep.dev/s/BYDp2](https://semgrep.dev/s/BYDp2) for more details. Thanks for your contribution! ❤️

This PR adds rules around cryptography mistakes in the Node.js crypto module.

- Added `pattern-not` conditions to exclude safe usage patterns and minimize false positives.
- Added new test cases to cover a wider range of scenarios, including both vulnerable and safe...

javascript express vm2 vulnerability scanner: [here][1] misses real vulnerable code. The vulnerable file is [here][2], and it is a part of *completely reproducible* docker image vulnerable to [CVE-2023-37466][3]. It seems...

bug

Removes account id check: While account IDs, like any identifying information, should be used and shared carefully, they are not considered secret, sensitive, or confidential information. [HockeyApp is being retired...

There are two rules that warn about the same thing:
- [generic.secrets.gitleaks.slack-webhook-url](https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-webhook-url.yaml)
- [generic.secrets.security.detected-slack-webhook](https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/security/detected-slack-webhook.yaml)

bug

Hi folks, It's me deleting another rule. This time it's a rule that basically flags specific parameter names as a high severity finding. I get what it's going for but...

We don't use this, and it's causing friction with people using VS Code locally who may clone this repo and try to load rules.

**Describe the bug** express_xss is detected in code that has sanitization
**To Reproduce** https://semgrep.dev/playground/r/x8UKwxb/767vnb.express_xss
**Expected behavior** No detection
**What is the priority of the bug to you?** - [...

bug