`nosemgrep` comments not honored by extension in python

semgrep / semgrep-vscode

Semgrep extension for Visual Studio Code

https://marketplace.visualstudio.com/items?itemName=semgrep.semgrep

GNU Lesser General Public License v2.1

53 stars 24 forks source link

`nosemgrep` comments not honored by extension in python #159

Open forana opened 1 month ago

forana commented 1 month ago

Anonymized python:

class MyClass (
    ABadClass,  # nosemgrep: myrule
    AnotherClass,
    ADifferentClass,
): ...

Anonymized rule:

  - id: myrule
    languages:
      - python
    severity: ERROR
    message: Do not use ABadClass
    pattern-regex: .*ABadClass.*

Via CLI, the nosemgrep line correctly ignores the error. Via the plugin, the error is not ignored.

forana commented 1 month ago

~Interestingly, when the useJS setting is enabled - the nosemgrep comments are honored.~ nevermind, the extension took abnormally long to update.

ajbt200128 commented 1 month ago

thanks for the report, we'll look into this! Can you try running the cli with the --experimental flag as the first flag, and see if semgrep still ignores it?

forana commented 1 month ago

@ajbt200128 via semgrep scan --experimental -f path/to/my/config --include=path/to/example/file, I see that all of my rules are scanned and no findings are found - so, looks like semgrep still honors it there.

ajbt200128 commented 1 month ago

thanks, that's super useful, looks like it's definitely a bug on the extension side then

forana commented 1 month ago

Suppose I should add: semgrep version = 1.81.0