Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / returntocorp/semgrep-rules issues and pull requests
#3038 - Merge Develop into Release
Pull Request -
State: open - Opened by r2c-argo[bot] about 1 year ago
#3037 - Update reactjs.org reference links to react.dev
Pull Request -
State: open - Opened by philipturnbull about 1 year ago
#3036 - False positive in javascript.lang.correctness.useless-assign.useless-assignment
Issue -
State: open - Opened by Sjord about 1 year ago
Labels: bug
#3035 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3034 - Add Swift rules
Pull Request -
State: closed - Opened by LewisArdern about 1 year ago
#3033 - License confusion with Rules
Issue -
State: open - Opened by InternGoUser about 1 year ago
Labels: bug
#3032 - [Rule] Dependency confusion
Issue -
State: open - Opened by Sjord about 1 year ago
- 2 comments
Labels: enhancement, priority:low, lang:dockerfile
#3031 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3030 - Rename some terraform AWS rules from "unencrypted" to "encrypted-with-cmk"
Pull Request -
State: open - Opened by frozenSolid about 1 year ago
- 1 comment
#3029 - Dockerfile rule: Avoid using sudo
Pull Request -
State: closed - Opened by theinfosecguy about 1 year ago
#3028 - Update Regex to detect secrets in Dockerfile
Pull Request -
State: closed - Opened by theinfosecguy about 1 year ago
- 2 comments
#3027 - A false negative (miss) in asyncpg-sqli ruleset
Issue -
State: open - Opened by kholia about 1 year ago
- 3 comments
Labels: lang:python, false-negative, priority:low
#3026 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3025 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3024 - Flag more code patterns in asyncpg-sqli ruleset
Pull Request -
State: closed - Opened by kholia about 1 year ago
#3023 - Update AIOHttp
Pull Request -
State: closed - Opened by kurt-r2c about 1 year ago
#3022 - Add another pattern in asyncpg-sqli ruleset
Pull Request -
State: closed - Opened by kholia about 1 year ago
- 1 comment
#3021 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3020 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3019 - pattern-source - fix parameter order = Update ldap-injection.yaml
Pull Request -
State: open - Opened by 1lyasam about 1 year ago
- 2 comments
#3018 - Update historical test to go back 10 versions
Pull Request -
State: closed - Opened by p4p3r about 1 year ago
#3017 - Bump certifi from 2022.9.24 to 2023.7.22 in /.github/rulerascal
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies
#3016 - Bump aiohttp from 3.8.3 to 3.8.5 in /.github/rulerascal
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 4 comments
Labels: dependencies
#3015 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3014 - Bump certifi from 2023.5.7 to 2023.7.22
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies
#3013 - enable case-insensitive php tests
Pull Request -
State: open - Opened by akuhlens about 1 year ago
- 4 comments
#3012 - Add Solidity Smart Contract Rules
Pull Request -
State: open - Opened by Raz0r about 1 year ago
- 3 comments
#3011 - Add curl on subshell to curl-pipe-bash rule
Pull Request -
State: closed - Opened by JacobBrackett about 1 year ago
- 2 comments
#3010 - Lower correctness to INFO
Pull Request -
State: closed - Opened by LewisArdern about 1 year ago
#3009 - Improve Gitleaks Generic API Rule
Pull Request -
State: closed - Opened by LewisArdern about 1 year ago
#3008 - New Published Rules - curl-pipe-bash
Pull Request -
State: closed - Opened by semgrep-dev-pr-bot[bot] about 1 year ago
#3007 - New Published Rules - curl-pipe-bash
Pull Request -
State: closed - Opened by semgrep-dev-pr-bot[bot] about 1 year ago
#3006 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3005 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#3004 - add missing $ in pattern for csharp-sqli
Pull Request -
State: closed - Opened by nashcontrol about 1 year ago
- 2 comments
#3003 - deprecate dompurify rule
Pull Request -
State: closed - Opened by LewisArdern about 1 year ago
- 1 comment
#3002 - Fix secret FPs reported
Pull Request -
State: closed - Opened by LewisArdern about 1 year ago
#3001 - update yaml/github-actions/security/run-shell-injection to remove commit_hash from being reported as injectable.
Pull Request -
State: closed - Opened by DocEmmetBrown about 1 year ago
- 3 comments
#3000 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#2999 - Enhance Python eval() detection rule
Issue -
State: closed - Opened by bluemarco about 1 year ago
Labels: bug
#2998 - feat: add new 'third-party-action-not-pinned-to-commit-sha' rule
Pull Request -
State: closed - Opened by gabriellesc about 1 year ago
- 2 comments
#2997 - Enhance Python eval() detection
Pull Request -
State: closed - Opened by bluemarco about 1 year ago
- 2 comments
#2996 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] about 1 year ago
#2995 - c/lang/security/double-free.yaml false positive
Issue -
State: open - Opened by kostya253 about 1 year ago
Labels: bug
#2994 - Deprecate Ruby YAML and MySQL rules
Pull Request -
State: closed - Opened by philipturnbull about 1 year ago
#2993 - Add missing syntactic elements reported by new parsers
Pull Request -
State: closed - Opened by mjambon over 1 year ago
#2992 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2991 - Added a 2nd pattern to owasp.java.ssrf.java.net.url for wider coverage
Pull Request -
State: open - Opened by SaeedHashem over 1 year ago
- 2 comments
#2990 - [owasp.java.ssrf.java.net.url] False Negative When Detecting SSRF in the java.net.URL Sink
Issue -
State: open - Opened by SaeedHashem over 1 year ago
Labels: bug
#2989 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2988 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2987 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2986 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2985 - chore: use deepok to mark lines as ok when run with the pro engine
Pull Request -
State: closed - Opened by emjin over 1 year ago
- 6 comments
#2984 - fix: update regex capture groups
Pull Request -
State: closed - Opened by brandonspark over 1 year ago
#2983 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2982 - Fix looppointer rule
Pull Request -
State: closed - Opened by p4p3r over 1 year ago
#2981 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2980 - Fixed message links
Pull Request -
State: closed - Opened by enncoded over 1 year ago
#2979 - Fixed message links
Pull Request -
State: closed - Opened by enncoded over 1 year ago
#2978 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2977 - change conf of rule
Pull Request -
State: closed - Opened by colleend over 1 year ago
#2976 - fix: rule after matching fields with stmts
Pull Request -
State: closed - Opened by brandonspark over 1 year ago
- 2 comments
#2975 - Update r2c/Return to Corp to Semgrep
Pull Request -
State: closed - Opened by armchairlinguist over 1 year ago
#2974 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2973 - feat: metacheck for poorly indented rules
Pull Request -
State: closed - Opened by brandonspark over 1 year ago
#2972 - False positive pattern in loop pointer rule
Issue -
State: open - Opened by romdr over 1 year ago
- 1 comment
#2971 - Deprecate some more brakeman gem rules
Pull Request -
State: closed - Opened by philipturnbull over 1 year ago
#2970 - Fix multiline BEGIN-END pattern
Pull Request -
State: closed - Opened by mjambon over 1 year ago
#2969 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2968 - adding more pattern-not-insides
Pull Request -
State: closed - Opened by colleend over 1 year ago
- 1 comment
#2967 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2966 - Deprecate CVE-2021-44228 rule
Pull Request -
State: closed - Opened by philipturnbull over 1 year ago
- 3 comments
#2965 - Deprecate some Ruby rules
Pull Request -
State: closed - Opened by philipturnbull over 1 year ago
#2964 - RULES-4053
Pull Request -
State: closed - Opened by kurt-r2c over 1 year ago
- 1 comment
#2963 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2962 - adding type inf for sql rules
Pull Request -
State: closed - Opened by colleend over 1 year ago
- 1 comment
#2961 - fix FP from #2959
Pull Request -
State: closed - Opened by kurt-r2c over 1 year ago
- 2 comments
#2960 - fix artifactory password regex regression
Pull Request -
State: closed - Opened by ChristianAlexander over 1 year ago
- 1 comment
#2959 - Artifactory password falsely triggering on yarn lock file
Issue -
State: closed - Opened by ChristianAlexander over 1 year ago
- 1 comment
Labels: bug
#2958 - fix(c#): fix c-sharp rules
Pull Request -
State: closed - Opened by brandonspark over 1 year ago
#2957 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2956 - update detected-artifactory-password
Pull Request -
State: closed - Opened by kurt-r2c over 1 year ago
- 1 comment
#2955 - Match app-specific class/module when configuring Rails session-store
Pull Request -
State: closed - Opened by philipturnbull over 1 year ago
#2954 - Confirming licensing for rules.
Issue -
State: closed - Opened by ajohnston9 over 1 year ago
- 2 comments
#2953 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2952 - Add pattern for a popular log4j package import
Pull Request -
State: closed - Opened by ilyaglow over 1 year ago
- 2 comments
#2951 - Update function-use-after-free.yaml
Pull Request -
State: closed - Opened by simonevallifuoco over 1 year ago
- 1 comment
#2950 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2949 - false positive for - detected artifactory password rule
Issue -
State: closed - Opened by shsingh over 1 year ago
- 1 comment
Labels: bug
#2948 - update references for PHP rules
Pull Request -
State: closed - Opened by inkz over 1 year ago
#2947 - New Published Rules - exported_activity
Pull Request -
State: closed - Opened by semgrep-dev-pr-bot[bot] over 1 year ago
#2946 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2945 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2925 - Fix false positive in ruby rails tainted-sql-string
Pull Request -
State: closed - Opened by 0xDC0DE over 1 year ago
- 1 comment
#2922 - XInclude processing should be disabled?
Pull Request -
State: closed - Opened by infractal over 1 year ago
- 4 comments
Labels: stale
#2919 - Update Go test
Pull Request -
State: closed - Opened by p4p3r over 1 year ago
#2918 - Merge Develop into Release
Pull Request -
State: closed - Opened by r2c-argo[bot] over 1 year ago
#2917 - Only match databases for audit rule
Pull Request -
State: closed - Opened by LewisArdern over 1 year ago
#2916 - Pattern parse error in rule clojure.lang.security.use-of-md5.use-of-md5
Pull Request -
State: closed - Opened by jonny64 over 1 year ago
- 3 comments