7e0abe3c7e
* add semgrep yml * add semgrep ci job * remove replication semgrep rule in oss * fix makefile * add semgrep to ci * upwind triple if in ui.go semgrep refactoring
30 lines
855 B
YAML
30 lines
855 B
YAML
rules:
|
|
- id: logger-used-with-sprintf
|
|
patterns:
|
|
- pattern-either:
|
|
- pattern: |
|
|
logger.Trace(fmt.Sprintf(...))
|
|
- pattern: |
|
|
logger.Debug(fmt.Sprintf(...))
|
|
- pattern: |
|
|
logger.Info(fmt.Sprintf(...))
|
|
- pattern: |
|
|
logger.Warn(fmt.Sprintf(...))
|
|
- pattern: |
|
|
logger.Error(fmt.Sprintf(...))
|
|
- pattern: |
|
|
$PARENT.logger.Trace(fmt.Sprintf(...))
|
|
- pattern: |
|
|
$PARENT.logger.Debug(fmt.Sprintf(...))
|
|
- pattern: |
|
|
$PARENT.logger.Info(fmt.Sprintf(...))
|
|
- pattern: |
|
|
$PARENT.logger.Warn(fmt.Sprintf(...))
|
|
- pattern: |
|
|
$PARENT.logger.Error(fmt.Sprintf(...))
|
|
message: "Logger message generated by Sprintf"
|
|
languages: [go]
|
|
severity: WARNING
|
|
|
|
|