jfrog / jfrog-vscode-extension

JFrog VS-Code Extension
https://jfrog.github.io/jfrog-vscode-extension
Apache License 2.0

Add Custom rules to SAST scan #474

Closed attiasas closed 2 months ago

attiasas commented 2 months ago

Add Custom rules to the SAST scan in your workspace

1. Prepare a custom JSON rules file with your rules:

    ```json
    [
      {
        "name": "custom-rule",
        "message": "User-controlled data used as argument to math.sqrt",
        "finder": {
          "type": "FlowFinder",
          "sources": {
            "type": "calls",
            "names": ["input"]
          },
          "sinks": {
            "type": "calls",
            "names": ["math.sqrt"]
          }
        },
        "cwe": null,
        "description": "User-controlled square root",
        "severity": "high",
        "tags": []
      }
    ]
    ```
2. Provide the absolute path to the custom rules file in the extension's new configuration setting.

3. Rescan your workspace.
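As an added illustration (not code from the extension or this PR), the toy checker below loads the rules file shown above and applies the FlowFinder idea to a constructed Python sample: a sink call (`math.sqrt`) whose argument comes from a source call (`input`), directly or via an assigned variable. It assumes the rule shape from the PR description is the only one it needs to handle; the real engine's matching is far more complete.

```python
import ast
import json
# Constructed: the rules file from the PR description, compacted. Assumption:
# the finder shape shown there (calls -> calls) is all this toy checker handles.
RULES_JSON = """[{"name": "custom-rule", "severity": "high", "cwe": null, "tags": [],
  "message": "User-controlled data used as argument to math.sqrt",
  "description": "User-controlled square root",
  "finder": {"type": "FlowFinder", "sources": {"type": "calls", "names": ["input"]},
             "sinks": {"type": "calls", "names": ["math.sqrt"]}}}]"""
# Constructed sample to scan: line 3 feeds input() into math.sqrt via a variable.
SAMPLE = "import math\nx = input()\nprint(math.sqrt(x))\nmath.sqrt(4)\n"

def load_rules(text):
    """Parse the rules file, accepting only the finder shape the PR shows."""
    rules = json.loads(text)
    for rule in rules:
        finder = rule["finder"]
        kinds = (finder["type"], finder["sources"]["type"], finder["sinks"]["type"])
        if kinds != ("FlowFinder", "calls", "calls"):
            raise ValueError(f"unsupported finder in rule {rule['name']!r}")
    return rules

def call_name(node):
    """Dotted name of a call target: input -> 'input', math.sqrt -> 'math.sqrt'."""
    parts, func = [], node.func
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    return ".".join(reversed(parts + [func.id])) if isinstance(func, ast.Name) else None

def find_flows(code, rule):
    """Toy FlowFinder: (line, rule name, message) for each sink call fed by a source
    call or a variable assigned from one. Statement order only; no scoping/sanitizers."""
    sources = set(rule["finder"]["sources"]["names"])
    sinks = set(rule["finder"]["sinks"]["names"])
    tainted, hits = set(), set()
    def is_tainted(expr):
        return any((isinstance(n, ast.Call) and call_name(n) in sources)
                   or (isinstance(n, ast.Name) and n.id in tainted)
                   for n in ast.walk(expr))
    stmts = [n for n in ast.walk(ast.parse(code)) if isinstance(n, ast.stmt)]
    for stmt in sorted(stmts, key=lambda n: n.lineno):
        for node in ast.walk(stmt):
            if (isinstance(node, ast.Call) and call_name(node) in sinks
                    and any(is_tainted(a) for a in node.args)):
                hits.add((node.lineno, rule["name"], rule["message"]))
        if isinstance(stmt, ast.Assign) and is_tainted(stmt.value):
            tainted.update(t.id for t in stmt.targets if isinstance(t, ast.Name))
    return sorted(hits)
```

Running `find_flows(SAMPLE, load_rules(RULES_JSON)[0])` reports only line 3; the constant argument on line 4 is not flagged.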