CI: add security rules from `semgrep`

rndquu commented 4 months ago

Check this repository which introduces a workflow for scanning security issues from https://semgrep.dev/p/smart-contracts.

What should be done:

add a new workflow to scan for security issues via semgrep

molecula451 commented 4 months ago

do we want this to be run each time a PR is opened no?

molecula451 commented 4 months ago

/start

ubiquibot[bot] commented 4 months ago




Deadline Fri, Jul 26, 6:53 PM UTC

Registered Wallet
0x4D0704f400D57Ba93eEa88765C3FcDBD826dCFc4

Tips:

Use /wallet 0x0000...0000 if you want to update your registered payment wallet address.
Be sure to open a draft pull request as soon as possible to communicate updates on your progress.
Be sure to provide timely updates to us when requested, or you will be automatically unassigned from the task.

rndquu commented 4 months ago

do we want this to be run each time a PR is opened no?

Yes

molecula451 commented 4 months ago

Screenshot from 2024-07-29 17-22-00

obeys commented 2 months ago

/start

ubiquity-os[bot] commented 2 months ago

Warning! This task was created over 50 days ago. Please confirm that this issue specification is accurate before starting. Deadline Sat, Sep 14, 10:29 PM UTC Beneficiary 0x31BcF24D34F018B3Aee4c6E97307221aFe47bc96

Tips:

<ul>
<li>Use <code>/wallet 0x0000...0000</code> if you want to update your registered payment wallet address.</li>
<li>Be sure to open a draft pull request as soon as possible to communicate updates on your progress.</li>
<li>Be sure to provide timely updates to us when requested, or you will be automatically unassigned from the task.</li>
<ul>

ubiquity-os[bot] commented 2 months ago

@cohow, this task has been idle for a while. Please provide an update.

obeys commented 2 months ago

waiting on code review.

rndquu commented 1 month ago

@gentlementlegen Why was the permitGeneration setting commented out in the bot's config? Typo?

gentlementlegen commented 1 month ago

@rndquu I was testing a fix earlier and commented it out to avoid generating permits, forgot to revert it, my bad.

ubiquity-os[bot] commented 1 month ago

[ 75.032 WXDAI ]
@cohow

Contributions Overview

View	Contribution	Count	Reward
Issue	Task	1	75
Issue	Comment	1	0.032
Review	Comment	5	0

Conversation Incentives

Comment	Formatting	Relevance	Reward
waiting on code review.	0.32 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 4 wordValue: 0.1 result: 0.32	0.1	0.032
Resolves #949QA: https://github.com/cohow/ubiquity-dollar/pull…	0 content: content: p: score: 0 elementCount: 3 result: 0 regex: wordCount: 26 wordValue: 0 result: 0	0.6	-
I've pushed a fix that should fix that and scan only files in th…	8.99 content: content: p: score: 0 elementCount: 3 result: 0 regex: wordCount: 88 wordValue: 0.2 result: 8.99	0.8	-
Ok i'm not sure how I missed that but I managed to make it run w…	8.2 content: content: p: score: 0 elementCount: 4 result: 0 regex: wordCount: 79 wordValue: 0.2 result: 8.2	0.9	-
@rndquu 🙂	0.2 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 1 wordValue: 0.2 result: 0.2	0.1	-
Merged.	0.2 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 1 wordValue: 0.2 result: 0.2	0.5	-

[ 5.752 WXDAI ]
@molecula451

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	2	5.752

Conversation Incentives

Comment	Formatting	Relevance	Reward
do we want this to be run each time a PR is opened no?	0.94 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 14 wordValue: 0.1 result: 0.94	0.8	0.752
![Screenshot from 2024-07-29 17-22-00](https://github.com/user-a…	5 content: content: p: score: 0 elementCount: 1 img: score: 5 elementCount: 1 result: 5 regex: wordCount: 0 wordValue: 0.1 result: 0	-	5

Comment

Formatting

Relevance

Reward

do we want this to be run each time a PR is opened no?

0.94

content:  content:    p:      score: 0      elementCount: 1  result: 0regex:  wordCount: 14  wordValue: 0.1  result: 0.94

0.8

0.752

![Screenshot from 2024-07-29 17-22-00](https://github.com/user-a…

5

content:  content:    p:      score: 0      elementCount: 1    img:      score: 5      elementCount: 1  result: 5regex:  wordCount: 0  wordValue: 0.1  result: 0

-

5

[ 38.597 WXDAI ]
@rndquu

Contributions Overview

View	Contribution	Count	Reward
Issue	Specification	1	25.2
Issue	Comment	2	5
Review	Comment	2	8.397

Conversation Incentives

Comment	Formatting	Relevance	Reward
Check [this](https://github.com/Decurity/semgrep-smart-contracts…	8.4 content: content: p: score: 0 elementCount: 2 a: score: 5 elementCount: 1 ul: score: 1 elementCount: 1 li: score: 0.5 elementCount: 1 result: 6.5 regex: wordCount: 32 wordValue: 0.1 result: 1.9	1	25.2
Yes	0.2 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 1 wordValue: 0.2 result: 0.2	-	-
@gentlementlegen Why was the `permitGeneration` setting …	6.77 content: content: p: score: 0 elementCount: 1 a: score: 5 elementCount: 1 result: 5 regex: wordCount: 13 wordValue: 0.2 result: 1.77	-	5
In the provided [QA run](https://github.com/cohow/ubiquity-dolla…	7.54 content: content: p: score: 0 elementCount: 2 a: score: 5 elementCount: 1 pre: score: 0 elementCount: 1 result: 5 regex: wordCount: 45 wordValue: 0.1 result: 2.54	0.8	7.032
To sum up there are 2 semgep security related findings.First (…	1.95 content: content: p: score: 0 elementCount: 4 pre: score: 0 elementCount: 2 result: 0 regex: wordCount: 33 wordValue: 0.1 result: 1.95	0.7	1.365

[ 0 WXDAI ]
@gentlementlegen

Contributions Overview

View	Contribution	Count	Reward
Issue	Comment	1	0

Conversation Incentives

Comment	Formatting	Relevance	Reward
@rndquu I was testing a fix earlier and commented it out to avoi…	1.33 content: content: p: score: 0 elementCount: 1 result: 0 regex: wordCount: 21 wordValue: 0.1 result: 1.33	-	-

ubiquity / ubiquity-dollar