-
**Describe the bug**
Both repos semgrep and semgrep-rules should run complete and strict tests that validate and test the rules found in semgrep-rules. See upcoming pull requests in semgrep and sem…
-
**Describe the bug**
`semgrep --test` doesn't fail in case of a parsing error. We want it to fail so that we can detect malformed test cases, unlike in a normal Semgrep scan.
**To Reproduce**
…
-
As pointed out by `plasma_000` in [this thread](https://www.reddit.com/r/rust/comments/x6g0ls/comment/inbs97m/?utm_source=share&utm_medium=web2x&context=3), `anymap` (or maybe the consumer, `generic_s…
-
Want to print the if statement body, but semgrep matches the full code.
```
id: if_else_java
patterns:
  - pattern: |
      if($X==$Y) {...}
message: Semgrep found a match
languages: [java]
severity: WARNIN…
```
-
Hi,
On Linux, Ubuntu Jammy ...
```
[ 70%] Linking CXX shared library libaudpulseaudio.so
[ 70%] Built target audpulseaudio
[ 71%] Building CXX object CMakeFiles/audsdl.dir/plugins/sdl/SDLDevi…
```
-
**Is your feature request related to a problem? Please describe.**
I want to explore additional rulesets to add to my semgrep scans in CI. Before enabling a new ruleset in CI, however, I want to see …
-
[FATA] [Semgrep] [2022-08-18T10:56:49Z] ▶ tool notification error: SemgrepError Error while matching: Semgrep encountered an internal error. This may be a stack overflow. Current stack limit is 104857…
-
**Describe the bug**
[_Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')_] when using **PreparedStatementSetter**. Due to the use of **PreparedStatement** it's _a f…
-
https://semgrep.dev/playground/s/sjord:taint-in-func?editorMode=advanced
```
id: taint-in-func
message: Semgrep found a match
languages: [python]
severity: WARNING
mode: taint
pattern-sources…
```
-
**Describe the bug**
It seems like semgrep matches a try-catch construct in Solidity even if the external call does not match.
**To Reproduce**
I wrote the following rule to reproduce this in…