/
metadata-technology.yaml
48 lines (48 loc) · 1.33 KB
/
metadata-technology.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
rules:
- id: metadata-technology
message: >-
This Semgrep rule is missing a 'technology' field in the 'metadata'.
Consider adding a list of technologies based on the rule's associated
library or framework, or another piece of relevant information.
severity: INFO
pattern-either:
# non join mode
- patterns:
- pattern-not-inside: |
- ...
mode: join
- pattern-inside: "rules: [..., $RULE, ...]"
- pattern: $RULE
- pattern: |
id: ...
...
- pattern-not: |
id: ...
...
metadata:
...
technology:
- ...
# join mode
- patterns:
- pattern-inside: |
id: $OUTER_RULEID
mode: join
join:
rules: [ ..., $INNER_RULE, ...]
...
...
- pattern-not: |
id: $OUTER_RULEID
...
metadata:
...
technology:
- ...
languages: [yaml]
metadata:
category: best-practice
technology:
- semgrep
references:
- https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/#technology