
saleor/semgrep-rules

Saleor Semgrep Rules

This repository contains Semgrep rules developed and made public by @Saleor.

Usage

To use the rules, clone this git repository.

A single rule can then be run from the cloned repository, for example:

semgrep -c /path-to-the-clone-semgrep-rules/the-rule.yml .

Alternatively, point Semgrep at the whole clone to run every rule file it contains:

semgrep -c /path-to-the-clone-semgrep-rules .

Rules

Typescript

ID Impact Confidence Description
typescript.lang.security.audit.timing-attack-comparison HIGH LOW Checks that comparisons against secrets (tokens, signatures, API keys) use a constant-time comparison rather than a plain == / === that returns at the first differing byte and so leaks through response time.
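What that rule is meant to catch, and the fix, as an added example (this is not code from saleor/semgrep-rules or from Saleor; it assumes Node.js, and the secret, body and function names are constructed for illustration):

```typescript
// Added example for the timing-attack-comparison rule; not code from
// saleor/semgrep-rules. Assumes Node.js. Secret and body are constructed.
import { createHash, createHmac, timingSafeEqual } from "crypto";

// What the rule flags: `===` compares byte by byte and returns at the first
// mismatch, so the time a request takes leaks how many leading bytes of the
// secret the caller already has right.
export function verifyTokenNaive(presented: string, expected: string): boolean {
  return presented === expected;
}

// Constant-time replacement. crypto.timingSafeEqual throws when the two
// buffers differ in length, and an explicit length check before it would
// leak the length, so both sides are hashed to a fixed 32 bytes first and
// the digests are compared: equal inputs give equal digests, and the cost
// of the comparison no longer depends on where (or whether) they differ.
export function safeEqual(a: string, b: string): boolean {
  const da = createHash("sha256").update(a, "utf8").digest();
  const db = createHash("sha256").update(b, "utf8").digest();
  return timingSafeEqual(da, db);
}

// The usual place this matters: checking an HMAC signature header on a
// webhook or callback body.
export function signWebhook(body: string, secret: string): string {
  return createHmac("sha256", secret).update(body, "utf8").digest("hex");
}

export function verifyWebhook(body: string, secret: string, presentedSig: string): boolean {
  return safeEqual(signWebhook(body, secret), presentedSig);
}

// Constructed sample input.
export const SAMPLE_SECRET = "example-webhook-secret";
export const SAMPLE_BODY = '{"event":"order.created","id":42}';

export function demo(): { validAccepted: boolean; tamperedRejected: boolean; lengthMismatchHandled: boolean } {
  const sig = signWebhook(SAMPLE_BODY, SAMPLE_SECRET);
  return {
    validAccepted: verifyWebhook(SAMPLE_BODY, SAMPLE_SECRET, sig),
    tamperedRejected: !verifyWebhook(SAMPLE_BODY + " ", SAMPLE_SECRET, sig),
    // An empty or truncated header must fail closed, not throw.
    lengthMismatchHandled: !verifyWebhook(SAMPLE_BODY, SAMPLE_SECRET, ""),
  };
}
```

The hash-then-compare step is what makes safeEqual usable on attacker-supplied input of any length; calling timingSafeEqual directly on the raw strings would either throw or require a length check that itself leaks.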

YAML

ID Impact Confidence Description
yaml.github-actions.security.audit.shell-script-injection HIGH HIGH Flags expression interpolation (${{ ... }}) inside run blocks of GitHub Actions workflows. Expressions are expanded before the shell executes the script, so an attacker-controlled value such as a pull request title or branch name becomes part of the command; pass such values through env instead and reference them as quoted shell variables.
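An added example of the problem that rule targets and of the safe pattern (this is not code from saleor/semgrep-rules or from Saleor, and the line-based scanner below is a stand-in for the Semgrep rule, not the rule itself; the two workflow snippets, the pull request title and the function names are constructed for illustration):

```typescript
// Added example for the shell-script-injection rule; not code from
// saleor/semgrep-rules. The workflow snippets and PR title are constructed.

// Vulnerable: the PR title is interpolated straight into the script.
export const VULNERABLE_WORKFLOW = [
  'name: greet',
  'on: pull_request_target',
  'jobs:',
  '  greet:',
  '    runs-on: ubuntu-latest',
  '    steps:',
  '      - name: Say hello',
  '        run: echo "Thanks for PR: ${{ github.event.pull_request.title }}"',
  '      - name: Multi-line step',
  '        run: |',
  '          echo "Author: ${{ github.event.pull_request.user.login }}"',
  '          ./ci/build.sh',
].join("\n");

// Fixed: the value enters through env and is read as a quoted shell variable,
// so the shell treats it as data, not as code.
export const FIXED_WORKFLOW = [
  'name: greet',
  'on: pull_request_target',
  'jobs:',
  '  greet:',
  '    runs-on: ubuntu-latest',
  '    steps:',
  '      - name: Say hello',
  '        env:',
  '          PR_TITLE: ${{ github.event.pull_request.title }}',
  '        run: echo "Thanks for PR: $PR_TITLE"',
].join("\n");

export interface Finding { line: number; text: string }

// Stand-in for what the Semgrep rule checks: report every `${{` that occurs
// in the value of a `run:` key, including the continuation lines of a block
// scalar (`run: |` / `run: >`). Deliberately line-based, not a YAML parser.
export function findRunInterpolations(workflow: string): Finding[] {
  const findings: Finding[] = [];
  let blockIndent = -1; // indent of the `run:` key while inside its block scalar
  workflow.split("\n").forEach((text, i) => {
    const indent = text.length - text.trimStart().length;
    const m = /^\s*(-\s+)?run:\s*(.*)$/.exec(text);
    if (m) {
      const value = (m[2] ?? "").trim();
      if (/^[|>][-+]?$/.test(value)) {
        blockIndent = indent; // the script follows on more-indented lines
      } else {
        blockIndent = -1;
        if (value.includes("${{")) findings.push({ line: i + 1, text: text.trim() });
      }
      return;
    }
    if (blockIndent >= 0) {
      if (text.trim() === "" || indent > blockIndent) {
        if (text.includes("${{")) findings.push({ line: i + 1, text: text.trim() });
        return;
      }
      blockIndent = -1; // dedent ends the block scalar
    }
  });
  return findings;
}

// Why it is dangerous: the runner substitutes the expression's value into the
// script text before the shell starts, so quoting in the script cannot help.
// Simulated here with a plain textual replacement.
export function expandForShell(runLine: string, prTitle: string): string {
  return runLine.replace(/\$\{\{\s*github\.event\.pull_request\.title\s*\}\}/g, prTitle);
}

// Constructed malicious title: closes the quoted string and appends a command.
export const MALICIOUS_TITLE = 'x"; echo INJECTED; echo "';
```

Run findRunInterpolations over each constant to see the vulnerable workflow report its two run lines and the fixed one report nothing; expandForShell on the first run line with MALICIOUS_TITLE yields a script with a second command spliced in.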

Contributing

Refer to our guidelines: