brave / security-action

Composite GitHub CI Action containing the minimal viable security lint for brave repositories
Mozilla Public License 2.0

semgrep rules: September 2024 Update #672

Closed: thypon closed 2 months ago

thypon commented 2 months ago
@ nonfree.audit (+1, -1)
+ generic.secrets.security.detected-onfido-live-api-token.detected-onfido-live-api-token
- terraform.aws.security.aws-lambda-x-ray-tracing-not-active.aws-lambda-x-ray-tracing-not-active
@ nonfree.others (+0, -0)
@ nonfree.security_noaudit_novuln (+0, -5)
- go.lang.security.audit.crypto.missing-ssl-minversion.missing-ssl-minversion
- javascript.intercom.security.audit.intercom-settings-user-identifier-without-user-hash.intercom-settings-user-identifier-without-user-hash
- python.django.security.django-no-csrf-token.django-no-csrf-token
- python.django.security.django-using-request-post-after-is-valid.django-using-request-post-after-is-valid
- terraform.aws.security.aws-provisioner-exec.aws-provisioner-exec
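Review bot: the five rules removed from nonfree.security_noaudit_novuln do not reappear as `+` entries under any other category in this update, so they leave the rule set entirely rather than being reclassified. Please say in the description whether each was deleted upstream or dropped on purpose. Going by their names, missing-ssl-minversion and django-no-csrf-token cover TLS minimum version and CSRF token checks, so if those checks are still wanted for Go and Django repositories, note what replaces them.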
@ nonfree.vulns (+1, -0)
+ php.lang.security.injection.tainted-callable.tainted-callable
@ oss.audit (+0, -0)
@ oss.others (+0, -0)
@ oss.security_noaudit_novuln (+0, -0)
@ oss.vulns (+0, -0)