mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-07 15:17:03 +02:00
Code Issues Projects Releases Wiki Activity

Add ToB Semgrep Rules (#26821)

Browse Source 
* add tob goroutine rule for pr scanning

* add tob racy slice and map rules

---------

Co-authored-by: mickael e <mickael@hashicorp.com>
This commit is contained in:
Chris Capurso 2024-05-13 16:13:50 -04:00 committed by GitHub
parent 33d93652d5
commit d4abdb1485
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
scan.hcl
View File

@ -15,7 +15,13 @@ repository {
plugin "semgrep" { plugin "semgrep" {
use_git_ignore = true use_git_ignore = true
exclude = ["vendor"] exclude = ["vendor"]
config = ["tools/semgrep/ci", "p/r2c-security-audit"] config = [
"tools/semgrep/ci",
"p/r2c-security-audit",
"r/trailofbits.go.hanging-goroutine.hanging-goroutine",
"r/trailofbits.go.racy-append-to-slice.racy-append-to-slice",
"r/trailofbits.go.racy-write-to-map.racy-write-to-map",
]
exclude_rule = ["generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var"] exclude_rule = ["generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var"]
} }