Merge Develop into Release (#3452)

* Fix CSharp SQLI rule (#3440) * use https instead of http (#3441) * fix(naming-regressions): fix todos in semgrep-rules related to naming regressions (#3444) * Fix todos * Deep got beef'd up :muscleemoji: * bad now good TODO: actually check if this is not a regression * fix rule * Fix misspelling * trying something --------- Co-authored-by: Yosef Alsuhaibani <[email protected]> Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]> --------- Co-authored-by: Lewis <[email protected]> Co-authored-by: Drew Dennison <[email protected]> Co-authored-by: Yosef Alsuhaibani <[email protected]> Co-authored-by: Yosef Alsuhaibani <[email protected]> Co-authored-by: Pieter De Cremer (Semgrep) <[email protected]>
semgrep · Aug 14, 2024 · 42dea37 · 42dea37
1 parent 931bdae
commit 42dea37
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 7 deletions.
diff --git a/python/django/maintainability/duplicate-path-assignment.py b/python/django/maintainability/duplicate-path-assignment.py
@@ -80,31 +80,29 @@
     path('path/to/view', views.other_view, {'def': 'abc'}),
 ]
 
-# I would prefer duplicate-path-assignment to not match the following test cases
-# to avoid giving two messages for the same issue, but could not find a way yet.
-# todook: duplicate-path-assignment
+# deepok: duplicate-path-assignment
 # ruleid: duplicate-path-assignment-different-names, duplicate-path-assignment
 urlpatterns = [
     path('path/to/view', views.example_view, name="test"),
     path('path/to/view', views.example_view, name="other_name"),
 ]
 
-# todook: duplicate-path-assignment
+# deepok: duplicate-path-assignment
 # ruleid: duplicate-path-assignment-different-names, duplicate-path-assignment
 urlpatterns = [
     path('path/to/view', views.example_view, {'abc': 'def'}, name="test"),
     path('path/to/view', views.example_view, {'abc': 'def'}, name="other_name"),
 ]
 
-# todook: duplicate-path-assignment
+# deepok: duplicate-path-assignment
 # ruleid: duplicate-path-assignment-different-names, duplicate-path-assignment
 urlpatterns = [
     path('path/to/view', views.example_view, {'abc': 'def'}, name="test"),
     path('path/to/other/view', views.other_view, {'abc': 'def'}, name="some_test"),
     path('path/to/view', views.example_view, {'abc': 'def'}, name="other_name"),
 ]
 
-# todook: duplicate-path-assignment
+# deepok: duplicate-path-assignment
 # ruleid: duplicate-path-assignment-different-names, duplicate-path-assignment
 urlpatterns = [
     path('path/to/view', views.example_view, {'abc': 'def'}, name="test123"),

diff --git a/python/requests/security/no-auth-over-http.py b/python/requests/security/no-auth-over-http.py
@@ -2,6 +2,7 @@
 
 # ok:no-auth-over-http
 good_url = "https://www.github.com"
+# deepruleid:no-auth-over-http
 bad_url = "http://www.github.com"
 
 # ruleid:no-auth-over-http

diff --git a/ruby/rails/security/brakeman/check-sql.rb b/ruby/rails/security/brakeman/check-sql.rb
@@ -147,7 +147,7 @@ def test_more_if_statements
       "blah"
     end
 
-    #ruleid: check-sql
+    # ruleid: deepok: check-sql
     Product.last("blah = '#{x}'")
 
     #ok: check-sql