-
How can I run all the Java rules while excluding `java.spring.security.unrestricted-request-mapping.unrestricted-request-mapping`?
I'm currently using `semgrep --config r/java` to do the job. But I…
-
**Describe the bug**
In Scala, taint mode does not flow taint to sinks inside a for comprehension.
**To Reproduce**
https://semgrep.dev/s/Q2vD
-
**[ERROR] Pattern parse error in new rule : Invalid pattern for C#**
I am trying to create a rule with a pattern that looks out for literal bracket characters '[' and ']' in code, but I am getting …
-
**Is your feature request related to a problem? Please describe.**
The page for selecting GitLab groups displays only the first 100 results.
**Describe the solution you'd like**
It would be nice…
-
**Describe the bug**
For Python code, rules that match `with foo` will match any `with` statement, instead of specifically the expression in the `foo`.
For example, this rule:
```yaml
id: with…
-
**Describe the bug**
A clear and concise description of what the bug is.
![Kapture 2022-08-03 at 16 09 29](https://user-images.githubusercontent.com/38389586/182557865-34b6fb01-fbac-456f-8659-1ae4ad…
-
**Describe the bug**
`pattern-not-inside` is excluding a match that it shouldn't.
```
function getChannel() {
const c = new BroadcastChannel("someToken");
return c;
}
function bro…
-
**Describe the bug**
Semgrep is failing to run scans against a test repo (juice shop)
Relevant scan: https://github.com/jesse-r2c-test/juice-shop/runs/6611340414?check_suite_focus=true
**To Rep…
-
**Is your feature request related to a problem? Please describe.**
In Scala, if you are using a class inside other classes located in the same package, you do not need to specify any import. As a re…
-
**Describe the bug**
Individual items referenced by an iterator of a tainted collection should propagate taint. Currently, the following valid Java enumerator pattern does not propagate taint correc…