Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable semgrep/opt.semgrep-rules.gitlab.eslint.detect-object-injection #147

Open
scovetta opened this issue May 30, 2023 · 0 comments
Open

Disable semgrep/opt.semgrep-rules.gitlab.eslint.detect-object-injection #147

scovetta opened this issue May 30, 2023 · 0 comments
Labels
GHC_OSD Grace Hopper Conference Open Source Day Issues good first issue Good for newcomers

Comments

@scovetta
Copy link
Contributor

I noticed that the Semgrep "detect-object-injection" rule has very high false positive, to the point of being unusable as an analysis rule. This was confirmed at https://gitlab.com/gitlab-org/gitlab/-/issues/351399 so we just need to disable it within the Omega Analyzer using the --exclude-rule CLI parameter when running semgrep scan in runtools.sh.

Ref: https://semgrep.dev/docs/cli-reference/
@scovetta scovetta added the good first issue Good for newcomers label May 30, 2023
@scovetta scovetta changed the title Disable Disable semgrep/opt.semgrep-rules.gitlab.eslint.detect-object-injection May 30, 2023
@Cyber-JiuJiteria Cyber-JiuJiteria added the GHC_OSD Grace Hopper Conference Open Source Day Issues label Sep 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
GHC_OSD Grace Hopper Conference Open Source Day Issues good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@scovetta @Cyber-JiuJiteria