From 0c7f070fd567e10afbfcf4aadaae437e0e11a7fc Mon Sep 17 00:00:00 2001
From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com>
Date: Mon, 1 Jul 2024 15:23:43 +0530
Subject: [PATCH 01/11] Kotlin 3ps (#473) * added kotlin 3ps * gogole crashlytics rule change * kotlin rules refactoring * code refactoring
---
rules/sinks/storages/orm/kotlin.yaml | 17 +++++++++++++++++
rules/sinks/third_parties/sdk/google/java.yaml | 10 +++++++++-
.../sinks/third_parties/sdk/google/kotlin.yaml | 1 +
rules/sinks/third_parties/sdk/pendo/java.yaml | 13 +++++++++++++
4 files changed, 40 insertions(+), 1 deletion(-)
create mode 100644 rules/sinks/storages/orm/kotlin.yaml
create mode 100644 rules/sinks/third_parties/sdk/pendo/java.yaml
diff --git a/rules/sinks/storages/orm/kotlin.yaml b/rules/sinks/storages/orm/kotlin.yaml
new file mode 100644
index 00000000..a93f6135
--- /dev/null
+++ b/rules/sinks/storages/orm/kotlin.yaml
@@ -0,0 +1,17 @@
+sinks:
+
+ - id: Storages.ORM.ORMLite.Read
+ name: ORMLite (Read)
+ domains:
+ - ormlite.com
+ patterns:
+ - "(?i)(com[.]j256[.]ormlite).*(queryForFirst|queryForId|queryForAll|countOf|queryBuilder)"
+ tags:
+
+ - id: Storages.ORM.ORMLite.Write
+ name: ORMLite (Write)
+ domains:
+ - ormlite.com
+ patterns:
+ - "(?i)(com[.]j256[.]ormlite).*(create|update|createOrUpdate|delete|deleteById|deleteBuilder)"
+ tags:
\ No newline at end of file
diff --git a/rules/sinks/third_parties/sdk/google/java.yaml b/rules/sinks/third_parties/sdk/google/java.yaml
index cdb2baef..c48f47e8 100644
--- a/rules/sinks/third_parties/sdk/google/java.yaml
+++ b/rules/sinks/third_parties/sdk/google/java.yaml
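Review bot: In the new `rules/sinks/storages/orm/kotlin.yaml`, the `Storages.ORM.ORMLite.Write` alternation is broader than its name suggests, because `create`, `update` and `delete` are not tied to a method boundary. With `(?i)` and the free `.*` in front, ORMLite symbols such as `DaoManager.createDao`, `TableUtils.createTable` or `UpdateBuilder` would be reported as data writes if the engine accepts prefix or substring matches, which is worth confirming. The listed `createOrUpdate`, `deleteById` and `deleteBuilder` are already covered by `create` and `delete`, so they add nothing and hide how wide the rule is. Consider requiring the separator before the method group, as in `(com[.]j256[.]ormlite).*[.](create|createOrUpdate|update|delete|deleteById)`, and add the short header comment the other sink files carry saying which ORM the file covers.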
@@ -1004,4 +1004,12 @@ sinks: - "firebase.google.com/docs/crashlytics" patterns: - "(?i)(com[.]crashlytics|com.firebase.crashlytics|com.google.firebase.crashlytics).*" - tags: + tags: + + - id: ThirdParties.SDK.Google.Firebase.Messaging + name: Google Firebase + domains: + - "firebase.google.com" + patterns: + - "(?i)(com[.]google[.]firebase[.](ktx|messaging)).*" + tags: diff --git a/rules/sinks/third_parties/sdk/google/kotlin.yaml b/rules/sinks/third_parties/sdk/google/kotlin.yaml index 8373c67a..c3640e83 100644 --- a/rules/sinks/third_parties/sdk/google/kotlin.yaml +++ b/rules/sinks/third_parties/sdk/google/kotlin.yaml @@ -7,4 +7,5 @@ sinks: - "(?i)(com[.]google[.]firebase)[.](?!(database)).*" - "(?i)(com[.]firebase)[.](?!(database)).*" - "(?i)(io[.]firebase)[.](?!(database)).*" + - "(?i)(com[.]google[.]firebase[.]remoteconfig).*" tags: diff --git a/rules/sinks/third_parties/sdk/pendo/java.yaml b/rules/sinks/third_parties/sdk/pendo/java.yaml new file mode 100644 index 00000000..577c93cd --- /dev/null +++ b/rules/sinks/third_parties/sdk/pendo/java.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.Pendo + name: Pendo + domains: + - "pendo.io" + patterns: + - "(?i)(sdk[.]pendo[.]io[.]Pendo).*" + tags: \ No newline at end of file From 7c0d210fbbd783ac0f0dea5a21d9e70477227ea2 Mon Sep 17 00:00:00 2001 
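Review bot: The rule added in `google/java.yaml` is identified as `ThirdParties.SDK.Google.Firebase.Messaging`, but its pattern also accepts `com.google.firebase.ktx`, which is the shared Kotlin-extensions package rather than a messaging API, and its `name` is the generic `Google Firebase`. Any code that touches the KTX entry point would therefore be reported as a messaging data flow. Either narrow the pattern to `"(?i)(com[.]google[.]firebase[.]messaging).*"` or rename the id and name to describe what is actually matched.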
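Review bot: The `remoteconfig` pattern added in `google/kotlin.yaml` looks redundant, since the first pattern of the same list, `(?i)(com[.]google[.]firebase)[.](?!(database)).*`, already accepts every `com.google.firebase.*` package other than `database`. If the intent is to report Remote Config as its own sink it needs a separate rule id; otherwise the line can be dropped. The rule's id and name sit above the hunk, so this is judged from the visible pattern list only.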
From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:46:29 +0530 Subject: [PATCH 02/11] Csharp 3ps (#476) * csharp rules addition * added csharp 3ps * code refactoring * review comments --- rules/sinks/leakages/logs/csharp.yaml | 3 +++ .../EntityFrameworkCore}/csharp.yaml | 0 rules/sinks/storages/opensearch/csharp.yaml | 20 +++++++++++++++++++ rules/sinks/storages/orm/csharp.yaml | 17 ++++++++++++++++ rules/sinks/storages/redis/csharp.yaml | 17 ++++++++++++++++ .../third_parties/sdk/amazon/csharp.yaml | 2 +- .../sdk/componentspace/csharp.yaml | 13 ++++++++++++ .../sdk/launchdarkly/csharp.yaml | 13 ++++++++++++ 8 files changed, 84 insertions(+), 1 deletion(-) rename rules/sinks/storages/{Microsoft.EntityFrameworkCore => microsoft/EntityFrameworkCore}/csharp.yaml (100%) create mode 100644 rules/sinks/storages/opensearch/csharp.yaml create mode 100644 rules/sinks/storages/orm/csharp.yaml create mode 100644 rules/sinks/storages/redis/csharp.yaml create mode 100644 rules/sinks/third_parties/sdk/componentspace/csharp.yaml create mode 100644 rules/sinks/third_parties/sdk/launchdarkly/csharp.yaml diff --git a/rules/sinks/leakages/logs/csharp.yaml b/rules/sinks/leakages/logs/csharp.yaml index 955bd155..21610a74 100644 --- a/rules/sinks/leakages/logs/csharp.yaml +++ b/rules/sinks/leakages/logs/csharp.yaml @@ -9,6 +9,7 @@ sinks: name: Log Info patterns: - "(?i).*(Microsoft[.]Extensions[.]Logging[.]ILogger).*(LogInformation|LogTrace).*" + - "(?i).*(Serilog).*(Information).*" tags: - id: Leakages.Log.Error @@ -21,10 +22,12 @@ sinks: name: Log Warn patterns: - "(?i).*(Microsoft[.]Extensions[.]Logging[.]ILogger).*(LogWarning).*" + - "(?i).*(Serilog).*(Warning).*" tags: - id: Leakages.Log.Debug name: Log Debug patterns: - "(?i).*(Microsoft[.]Extensions[.]Logging[.]ILogger).*(LogDebug).*" + - "(?i).*(Serilog).*(Debug).*" tags: \ No newline at end of file 
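Review bot: Serilog coverage is added to the Info, Warn and Debug rules in `leakages/logs/csharp.yaml`, but no added line touches `Leakages.Log.Error`, which sits between the two hunks, so `Error` and `Fatal` calls through Serilog would still go unreported; the same holds for `Verbose` in the Info/Trace rule. The new patterns are also loose: `(?i).*(Serilog).*(Information).*` would accept a reference to `Serilog.Events.LogEventLevel.Information` as well as a logging call. Consider adding `- "(?i).*(Serilog).*[.](Error|Fatal).*"` to the Error rule and putting `[.]` before the method name in the three new patterns. The Error rule body is outside both hunks, so confirm it has no Serilog pattern already.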
diff --git a/rules/sinks/storages/Microsoft.EntityFrameworkCore/csharp.yaml b/rules/sinks/storages/microsoft/EntityFrameworkCore/csharp.yaml similarity index 100% rename from rules/sinks/storages/Microsoft.EntityFrameworkCore/csharp.yaml rename to rules/sinks/storages/microsoft/EntityFrameworkCore/csharp.yaml diff --git a/rules/sinks/storages/opensearch/csharp.yaml b/rules/sinks/storages/opensearch/csharp.yaml new file mode 100644 index 00000000..dc591571 --- /dev/null +++ b/rules/sinks/storages/opensearch/csharp.yaml @@ -0,0 +1,20 @@ + +# Sink Rules for storage database Elasticsearch - https://www.opensearch.org + +sinks: + + - id: Storages.Opensearch.Read + name: Opensearch(Read) + domains: + - opensearch.org + patterns: + - "(?i).*(OpenSearch[.]Client).*(get|serarch|msearch|scroll|count|explain|termVectors|mget).*" + tags: + + - id: Storages.Opensearch.Write + name: Opensearch(Write) + domains: + - opensearch.org + patterns: + - "(?i).*(Opensearch[.]Client).*(index|update|delete|bulk|reindex).*" + tags: \ No newline at end of file diff --git a/rules/sinks/storages/orm/csharp.yaml b/rules/sinks/storages/orm/csharp.yaml new file mode 100644 index 00000000..92d048b2 --- /dev/null +++ b/rules/sinks/storages/orm/csharp.yaml @@ -0,0 +1,17 @@ +sinks: + + - id: Storages.ORM.Dapper.Write + name: Dapper (Write) + domains: + - learndapper.com + patterns: + - "(?i)(Dapper).*(Execute|Insert|Update|Delete)(Async)?.*" + tags: + + - id: Storage.ORM.Dapper.Read + name: Dapper (Read) + domains: + - learndapper.com + patterns: + - "(?i)(Dapper).*(Query|QuerySingle|QueryFirst|QueryMultiple)(Async)?.*" + tags: \ No newline at end of file diff --git a/rules/sinks/storages/redis/csharp.yaml b/rules/sinks/storages/redis/csharp.yaml new file mode 100644 index 00000000..8660678f --- /dev/null +++ b/rules/sinks/storages/redis/csharp.yaml 
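Review bot: The read pattern in the new `storages/opensearch/csharp.yaml` spells `search` as `serarch`, so a plain `Search` call on `OpenSearch.Client` matches none of the alternatives (`msearch` does not cover it). Change the group to `(get|search|msearch|scroll|count|explain|termVectors|mget)`; `search` then also subsumes `msearch`. The bare `get` alternative will additionally accept any member whose name contains "get" if matching is by substring. The header comment calls the store Elasticsearch while linking to opensearch.org and should say OpenSearch.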
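Review bot: The two rule ids in the new `storages/orm/csharp.yaml` use different prefixes, `Storages.ORM.Dapper.Write` and `Storage.ORM.Dapper.Read`; anything that groups or filters sinks by the `Storages.` prefix will miss the read rule. Rename it to `Storages.ORM.Dapper.Read`. The write pattern's `Execute` alternative also accepts `ExecuteScalar` and `ExecuteReader`, which return data, so those calls would be classified as writes.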
@@ -0,0 +1,17 @@ +sinks: + + - id: Storages.Redis.Read + name: Redis DB(Read) + domains: + - redis.io + patterns: + - "(?i)(stackExchange[.]redis).*[.](StringGet)" + tags: + + - id: Storages.Redis.Write + name: Redis DB(Write) + domains: + - redis.io + patterns: + - "(?i)(stackExchange[.]redis).*[.](Set|HSet|Del)" + tags: diff --git a/rules/sinks/third_parties/sdk/amazon/csharp.yaml b/rules/sinks/third_parties/sdk/amazon/csharp.yaml index f7209479..e11caaf9 100644 --- a/rules/sinks/third_parties/sdk/amazon/csharp.yaml +++ b/rules/sinks/third_parties/sdk/amazon/csharp.yaml @@ -57,7 +57,7 @@ sinks: domains: - "aws.amazon.com/secrets-manager/" patterns: - - "(?i)(AWSSDK[.]SecretsManager|AWSSDK[.]SecretsManager[.]Caching).*" + - "(?i)((AWSSDK|Amazon)[.]SecretsManager|AWSSDK[.]SecretsManager[.]Caching).*" tags: - id: ThirdParties.SDK.Amazonaws.Lambda diff --git a/rules/sinks/third_parties/sdk/componentspace/csharp.yaml b/rules/sinks/third_parties/sdk/componentspace/csharp.yaml new file mode 100644 index 00000000..9cd07057 --- /dev/null +++ b/rules/sinks/third_parties/sdk/componentspace/csharp.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.ComponentSpace + name: ComponentSpace + domains: + - "componentspace.com" + patterns: + - "(?i)(Component[.]Saml).*" + tags: \ No newline at end of file diff --git a/rules/sinks/third_parties/sdk/launchdarkly/csharp.yaml b/rules/sinks/third_parties/sdk/launchdarkly/csharp.yaml new file mode 100644 index 00000000..482e1465 --- /dev/null +++ b/rules/sinks/third_parties/sdk/launchdarkly/csharp.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.Launchdarkly + name: Launchdarkly + domains: + - "launchdarkly.com" + patterns: + - "(?i)(LaunchDarkly[.]Sdk).*" + tags: \ No newline at end of file 
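Review bot: The write pattern in the new `storages/redis/csharp.yaml` uses Redis command names rather than StackExchange.Redis method names, and it requires a literal dot directly before `Set`, `HSet` or `Del`. Calls such as `StringSet`, `HashSet` and `KeyDelete` would therefore not match, while set-type reads such as `SetMembers` or `SetContains` would be classified as writes if prefix matching applies. The read rule covers only `StringGet`, leaving `HashGet` and the other getters unreported. Consider `[.](StringSet|HashSet|KeyDelete|SetAdd|ListLeftPush|ListRightPush)` for writes and a matching list of getters for reads, after checking the method set in use.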
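Review bot: The pattern in the new `componentspace/csharp.yaml`, `(?i)(Component[.]Saml).*`, expects a dot straight after `Component`, but the product's namespaces are, as far as I know, of the form `ComponentSpace.Saml2`, so the rule would never fire. `"(?i)(ComponentSpace[.]Saml).*"` is presumably what was meant; confirm against a sample import. Since this rule marks where SAML assertions and their identity attributes leave the application, a silent non-match is a false negative rather than noise.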
From 0a4115966a21ab4ce05dcb33c2f9ea3843c3749d Mon Sep 17 00:00:00 2001 From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Wed, 3 Jul 2024 16:03:00 +0530 Subject: [PATCH 03/11] Source rules addition (#480) * added source rules * review comment fix * review comment fix --- rules/sources/financial_data.yaml | 4 ++-- rules/sources/national_identification_numbers.yaml | 10 ++++++++++ rules/sources/personal_identification.yaml | 2 +- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/rules/sources/financial_data.yaml b/rules/sources/financial_data.yaml index c649cc41..00db652e 100644 --- a/rules/sources/financial_data.yaml +++ b/rules/sources/financial_data.yaml @@ -135,7 +135,7 @@ sources: isSensitive: False sensitivity: medium patterns: - - "(?i).*(salary[^\\s/(;)#|,=!>]{0,10}(?:details|detail|slip|pay)|employee[^\\s/(;)#|,=!>]{0,10}salary|basic[^\\s/(;)#|,=!>]{0,10}salary|(?:dearness|houserent)[^\\s/(;)#|,=!>]{0,10}allowance|salary)" + - "(?i).*(salary[^\\s/(;)#|,=!>]{0,10}(?:details|detail|slip|pay)|employee[^\\s/(;)#|,=!>]{0,10}salary|basic[^\\s/(;)#|,=!>]{0,10}salary|(?:dearness|houserent)[^\\s/(;)#|,=!>]{0,10}allowance|salary)|(previous|prev|current|curr)[^\\s/(;)#|,=!>]*(employee|employment)[^\\s/(;)#|,=!>]*(?:pay|salary)" tags: law: GDPR 
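Review bot: The alternative added to the salary pattern in `financial_data.yaml` sits outside the group that the leading `(?i).*` applies to, because it is appended after the closing `)` as a top-level `|` branch. If the engine matches the whole identifier, a name such as `user_previous_employee_pay` would not match, since the new branch has no `.*` prefix of its own. The new branch also uses unbounded `[^\\s/(;)#|,=!>]*` gaps where the sibling alternatives use `{0,10}`. Move the branch inside the group, before the final `)`, and bound the gaps the same way. The rule's id and name are above the hunk.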
@@ -155,6 +155,6 @@ sources: isSensitive: True sensitivity: high patterns: - - "(?i).*(insurance[^\\s/(;)#|,=!>]*(?:policy|plan|card|claim)|(?:insurance)[^\\s/(;)#|,=!>]*(?:card|policy|claim|plan|company)|card[^\\s/(;)#|,=!>]*insurance|insurance[^\\s/(;)#|,=!>]*policy[^\\s/(;)#|,=!>]*(?:nbr|number|id|no)|insurance[^\\s/(;)#|,=!>]*claim[^\\s/(;)#|,=!>]*(?:nbr|number|id|no))" + - "(?i).*(insurance[^\\s/(;)#|,=!>]*(?:policy|plan|card|claim)|(?:insurance)[^\\s/(;)#|,=!>]*(?:card|policy|claim|plan|company)|card[^\\s/(;)#|,=!>]*insurance|insurance[^\\s/(;)#|,=!>]*policy[^\\s/(;)#|,=!>]*(?:nbr|number|id|no)|insurance[^\\s/(;)#|,=!>]*claim[^\\s/(;)#|,=!>]*(?:nbr|number|id|no)|ni[-_]?(?:nbr|no|number))" tags: law: GDPR diff --git a/rules/sources/national_identification_numbers.yaml b/rules/sources/national_identification_numbers.yaml index 6177f095..bbfee3f3 100644 --- a/rules/sources/national_identification_numbers.yaml +++ b/rules/sources/national_identification_numbers.yaml @@ -48,3 +48,13 @@ sources: - "(?i)(employer[^\\s/(;)#|,=!>]{0,3}(identification|id)[^\\s/(;)#|,=!>]{0,3}(?:number|no)|ein)" tags: law: GDPR + + - id: Data.Sensitive.NationalIdentificationNumbers.PersonalPublicServiceNumber + name: Personal Public Service Number + category: National Identification Numbers + isSensitive: False + sensitivity: high + patterns: + - "(?i)(personal[^\\s/(;)#|,=!>]{0,3}(public)[^\\s/(;)#|,=!>]{0,3}(?:number|no)|pps[-_]?(?:nbr|no|number))" + tags: + law: GDPR diff --git a/rules/sources/personal_identification.yaml b/rules/sources/personal_identification.yaml index 95a72f4c..f1dace7a 100644 --- a/rules/sources/personal_identification.yaml +++ b/rules/sources/personal_identification.yaml @@ -15,7 +15,7 @@ sources: isSensitive: False sensitivity: low patterns: - - "(?i).*((?:first|given)[^\\s/(;)#|,=!>]{0,5}|full)name" + - "(?i).*((?:first|given)[^\\s/(;)#|,=!>]{0,5}|fore[-_]?|full[-_]?)name" tags: law: GDPR From cbf8ffe2c2c71ab37b3e38dd27aacd499e83a98e Mon Sep 17 00:00:00 2001 
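Review bot: The `ni[-_]?(?:nbr|no|number)` alternative added to the insurance pattern has no left boundary and sits behind `(?i).*`, so it also accepts identifiers such as `alumni_no`, `omni_number` or anything containing `nino`, and reports them with `isSensitive: True` and `sensitivity: high`. A guard such as `(?:^|[^a-z])ni[-_]?(?:nbr|no|number)` would cut most of that noise, if the engine supports it. If `ni` stands for a National Insurance number, the rule belongs in `national_identification_numbers.yaml`, which this commit also edits, rather than under insurance policies. The rule id is above the hunk, so the category is inferred from the pattern.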
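Review bot: The spelled-out branch of the new `PersonalPublicServiceNumber` pattern omits the word "service": `personal[^…]{0,3}(public)[^…]{0,3}(?:number|no)` allows at most three characters between `public` and `number`, so `personal_public_service_number` does not match. Insert the missing term, e.g. `(public)[^\\s/(;)#|,=!>]{0,3}(service)[^\\s/(;)#|,=!>]{0,3}(?:number|no)`. The abbreviation branch `pps[-_]?(?:nbr|no|number)` has no left boundary and would also accept names like `apps_no`. The rule pairs `isSensitive: False` with `sensitivity: high` under a `Data.Sensitive.` id; check that against the neighbouring rules, whose flags are not visible in the hunk.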
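Review bot: The new `fore[-_]?` prefix in the first-name pattern of `personal_identification.yaml` comes directly after `(?i).*`, so `before_name` and `beforeName` now match as a first name. Requiring a non-letter or the start of the identifier in front of `fore` would avoid that, for example `(?:^|[^a-z])fore[-_]?`, if the engine supports it. The rule id is above the hunk.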
From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Wed, 3 Jul 2024 22:00:22 +0530 Subject: [PATCH 04/11] JS 3ps refactoring (#477) Co-authored-by: Hitesh Mahajan --- rules/sinks/third_parties/sdk/datadog/go.yaml | 13 ------------- rules/sinks/third_parties/sdk/datadoghq/go.yaml | 2 +- 2 files changed, 1 insertion(+), 14 deletions(-) delete mode 100644 rules/sinks/third_parties/sdk/datadog/go.yaml diff --git a/rules/sinks/third_parties/sdk/datadog/go.yaml b/rules/sinks/third_parties/sdk/datadog/go.yaml deleted file mode 100644 index 3c78c81e..00000000 --- a/rules/sinks/third_parties/sdk/datadog/go.yaml +++ /dev/null @@ -1,13 +0,0 @@ - -# Sink rule for ThirdParty SDK -# The id follows a format : "ThirdParties.SDK.." - -sinks: - - - id: ThirdParties.SDK.Datadog - name: Datadog - domains: - - "datadoghq.com" - patterns: - - "(?i)(github.com|gopkg.in)(/)(DataDog)(/)(datadog-go|dd-trace-go).*" - tags: \ No newline at end of file diff --git a/rules/sinks/third_parties/sdk/datadoghq/go.yaml b/rules/sinks/third_parties/sdk/datadoghq/go.yaml index e489e562..bd0eafa9 100644 --- a/rules/sinks/third_parties/sdk/datadoghq/go.yaml +++ b/rules/sinks/third_parties/sdk/datadoghq/go.yaml @@ -9,5 +9,5 @@ sinks: domains: - "datadoghq.com" patterns: - - "(?i)(github.com)(/)(DataDog)(/)(opencensus-go-exporter-datadog).*" + - "(?i)(github.com|gopkg.in)(/)(DataDog)(/)(opencensus-go-exporter-datadog|datadog-go|dd-trace-go).*" tags: From 0062568a28481eee57e0ec36caca5e7d8330e335 Mon Sep 17 00:00:00 2001 From: Karan Batavia Date: Thu, 4 Jul 2024 15:43:03 +0530 Subject: [PATCH 05/11] dummy commit From d4fe0f892ebae3bf6eccc05f0fcfeb4a877e23f9 Mon Sep 17 00:00:00 2001 From: Karan Batavia Date: Thu, 4 Jul 2024 15:58:57 +0530 Subject: [PATCH 06/11] dummy commit From 69b12982c263741dc57acd8c0b02280fab110bc8 Mon Sep 17 00:00:00 2001 
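Review bot: Merging the `datadog-go` and `dd-trace-go` packages into `datadoghq/go.yaml` removes the rule id `ThirdParties.SDK.Datadog` along with the deleted file, and the surviving rule's id is above the hunk. If the two ids differ, any policy or report keyed on the old id will stop matching without an error, so the rename deserves a line in the commit message or changelog. The merged pattern also keeps unescaped dots in `github.com|gopkg.in`, where the other rule files in this series write `[.]`; `(github[.]com|gopkg[.]in)` would match the literal hosts only.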
From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Thu, 4 Jul 2024 16:48:04 +0530 Subject: [PATCH 07/11] php rule addition (#481) * php rule addition * removed false 3ps * code refactoring * aws rule addition --- config/systemConfig/php.yaml | 2 +- rules/sinks/storages/doctrine/php.yaml | 4 ++-- rules/sinks/storages/mongodb/php.yaml | 17 +++++++++++++++++ rules/sinks/third_parties/sdk/amazon/php.yaml | 1 + .../sinks/third_parties/sdk/microsoft/php.yaml | 8 ++++++++ .../third_parties/sdk/opentelemetry/php.yaml | 13 +++++++++++++ 6 files changed, 42 insertions(+), 3 deletions(-) create mode 100644 rules/sinks/storages/mongodb/php.yaml create mode 100644 rules/sinks/third_parties/sdk/opentelemetry/php.yaml diff --git a/config/systemConfig/php.yaml b/config/systemConfig/php.yaml index 3c302376..6c518f58 100644 --- a/config/systemConfig/php.yaml +++ b/config/systemConfig/php.yaml @@ -1,6 +1,6 @@ systemConfig: - key: apiHttpLibraries - value: (?i)(guzzlehttp|curl_init|requests|buzz.browser|httpful|phphttp|zend.http|buzz.client|unirest.request|curler.client|rollingcurlx|restclient|react.http|goutte.client|nyholm.psr7|restrequest|.*(httpclient)).* + value: (?i)(guzzlehttp|curl_init|requests|buzz.browser|httpful|phphttp|zend.http|buzz.client|unirest.request|curler.client|rollingcurlx|restclient|react.http|goutte.client|nyholm.psr7|restrequest|.*(httpclient)|psr\\\\http\\\\client|microsoft\\\\kiota|cebe\\\\openapi).* - key: apiSinks value: (?:url|request|sendRequest|create|client|openConnection|curl_init|request|execute|newCall|load|host|access|usequery|fetch|fetchapi|fetchlegacyxml|createfetch|postform|axios|cors|get|getInputStream|getApod|getForObject|getForEntity|list|set|put|post|del|proceed|trace|patch|Path|send|sendAsync|remove|delete|write|read|assignment|provider|exchange|postForEntity|call|createCall|createEndpoint|dispatch|invoke|newMessage|getInput|getOutput|getResponse|marshall|unmarshall|send|asyncSend|emit|on|track|addEventListener|ajax) 
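Review bot: The three alternatives added to `apiHttpLibraries` in `config/systemConfig/php.yaml` copy the `\\\\` escaping from the rule files, but this `value:` is an unquoted YAML scalar, where backslashes are not unescaped. As displayed, the regex receives four backslashes and so requires two consecutive literal backslashes, whereas the double-quoted patterns in `rules/` reduce the same text to one; `psr\\\\http\\\\client` would then not match `Psr\Http\Client` unless the loader unescapes again. The existing alternatives in the same value use `.` as the separator (`buzz.browser`, `zend.http`), so `psr.http.client|microsoft.kiota|cebe.openapi` would be consistent and sidestep the quoting question. It is also worth confirming that `cebe\openapi` issues HTTP requests at all, since it is listed here as an HTTP library.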
diff --git a/rules/sinks/storages/doctrine/php.yaml b/rules/sinks/storages/doctrine/php.yaml index b0a799e8..3dab33d6 100644 --- a/rules/sinks/storages/doctrine/php.yaml +++ b/rules/sinks/storages/doctrine/php.yaml @@ -5,14 +5,14 @@ sinks: - id: Storages.Doctrine.Interface.Initialize name: Doctrine Interface (Initialize) domains: - - www.doctrine-project.org + - doctrine-project.org patterns: - "(?i).*(?:Doctrine\\\\ORM\\\\EntityManager).*(__construct)" - id: Storages.Doctrine.Interface.ReadAndWrite name: Doctrine Interface (Read and Write) domains: - - www.doctrine-project.org + - doctrine-project.org patterns: - "(?i).*(?:Doctrine\\\\ORM\\\\EntityManager).*(getConnection|getMetadataFactory|getExpressionBuilder|beginTransaction|transactional|commit|rollback|getClassMetadata|createQuery|createNamedQuery|createNativeQuery|createNamedNativeQuery|createQueryBuilder|flush|find|getReference|getPartialReference|clear|close|persist|remove|refresh|detach|merge|copy|lock|getEventManager|create|insert|delete)" tags: diff --git a/rules/sinks/storages/mongodb/php.yaml b/rules/sinks/storages/mongodb/php.yaml new file mode 100644 index 00000000..c2144c36 --- /dev/null +++ b/rules/sinks/storages/mongodb/php.yaml @@ -0,0 +1,17 @@ + +# Sink Rules for storage database MongoDB - https://www.mongodb.com/ + +sinks: + - id: Storages.MongoDB.Read + name: MongoDB(Read) + domains: + - mongodb.com + patterns: + - "(?i).*(MongoDB(\\\\)?(Client|Driver)).*(find|findOne|findAndModify|distinct|aggregate|execute|executeQuery)" + + - id: Storages.MongoDB.Write + name: MongoDB(Write) + domains: + - mongodb.com + patterns: + - "(?i).*(MongoDB(\\\\)?(Client|Driver)).*(insertOne|update|updateMany|replaceOne|deleteOne|deleteMany|bulkWrite)" \ No newline at end of file diff --git a/rules/sinks/third_parties/sdk/amazon/php.yaml b/rules/sinks/third_parties/sdk/amazon/php.yaml index 65a1eb9f..103e8e19 100644 --- a/rules/sinks/third_parties/sdk/amazon/php.yaml 
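Review bot: The read rule in the new `storages/mongodb/php.yaml` includes operations that modify data: `findAndModify` is listed explicitly, `find`/`findOne` also accept `findOneAndUpdate`, `findOneAndReplace` and `findOneAndDelete`, and `execute` accepts `executeBulkWrite`. On the write side `insertMany` is missing while `insertOne` is present. Both patterns require `MongoDB\Client` or `MongoDB\Driver` in the name, so calls resolved on `MongoDB\Collection` would presumably match neither rule. Move the modifying operations to the write rule, add `insertMany`, and consider `(Client|Driver|Collection)`; the two rules also lack the `tags:` key the other sink files carry.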
+++ b/rules/sinks/third_parties/sdk/amazon/php.yaml @@ -11,6 +11,7 @@ sinks: patterns: - "(?i)(aws.laravel).*" - "(?i).*(easy.amazon.advertising|sns.push|instantaccess.sdk|kinesis|rds.data.service|amazon.advertising.laravel|selling.partner.api|amazon.advertising.api.sdk|amazon.pay.api.sdk.|paapisdk|predis.client.nette.extension|firehose|simple.s3|typo3.aws|amazon.mws.sdk|secrets.manager|cloud.watch.logs|step.functions|amazon.pay.sdk|cloud.watch|event.bridge|amazon.mws.bundle|dynamo.db.session|yii.aws|dynamodb.sessions.dependency.free|amazon.mws.complete|login.and.pay.with.amazon.sdk.|sp.api.sdk|amazon.paapi5.sdk|cognito.identity.provider|paapi5.sdk).*" + - "(?i).*(aws\\\\s3\\\\s3client).*" tags: - id: ThirdParties.SDK.Amazon diff --git a/rules/sinks/third_parties/sdk/microsoft/php.yaml b/rules/sinks/third_parties/sdk/microsoft/php.yaml index 44524db4..f786d0c8 100644 --- a/rules/sinks/third_parties/sdk/microsoft/php.yaml +++ b/rules/sinks/third_parties/sdk/microsoft/php.yaml @@ -301,3 +301,11 @@ sinks: patterns: - "(?i)azure.powerbi.*" tags: + + - id: ThirdParties.SDK.Microsoft.Graph + name: Microsoft Graph + domains: + - "developer.microsoft.com/graph" + patterns: + - "(?i)Microsoft\\\\Graph.*" + tags: \ No newline at end of file diff --git a/rules/sinks/third_parties/sdk/opentelemetry/php.yaml b/rules/sinks/third_parties/sdk/opentelemetry/php.yaml new file mode 100644 index 00000000..fd3cbf1b --- /dev/null +++ b/rules/sinks/third_parties/sdk/opentelemetry/php.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.Opentelemetry + name: Opentelemetry + domains: + - "opentelemetry.io" + patterns: + - "(?i)(OpenTelemetry\\\\(sdk|api)).*" + tags: From 18e71582aea2e1cf65cdd8729281172fa23c51dd Mon Sep 17 00:00:00 2001 From: Karan Batavia Date: Thu, 4 Jul 2024 16:53:19 +0530 Subject: [PATCH 08/11] dummy commit From c410535ec1a5408e1a72a0e56a7876bd59fb28f8 Mon Sep 17 00:00:00 2001 
From: Karan Batavia Date: Thu, 4 Jul 2024 17:09:54 +0530 Subject: [PATCH 09/11] change docker tag --- buildspec.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/buildspec.yml b/buildspec.yml index d0ae060c..5985035c 100644 --- a/buildspec.yml +++ b/buildspec.yml @@ -23,15 +23,19 @@ phases: fi - echo $VERSION - echo $BRANCH_NAME + - | + COMMIT_HASH=$(git rev-parse --short HEAD) + TIMESTAMP=$(date +%Y%m%d%H%M%S) + DOCKER_TAG="${COMMIT_HASH}${TIMESTAMP}" - | if [[ $AWS_REGION = "eu-west-1" ]] then TAG_1=latest else - TAG_1=${CODEBUILD_WEBHOOK_TRIGGER:7} + TAG_1=$DOCKER_TAG fi - TAG_2=$VERSION - - TAG_3=${CODEBUILD_WEBHOOK_HEAD_REF##*/} + - TAG_3=$DOCKER_TAG build: commands: From da74df6293a1e4a824992a3cdac68594c9a8e5fe Mon Sep 17 00:00:00 2001 From: Karan Batavia Date: Thu, 4 Jul 2024 17:22:49 +0530 Subject: [PATCH 10/11] dummy commit From 927048466185bd4e1392723e415bff92e07c82ef Mon Sep 17 00:00:00 2001 From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Thu, 4 Jul 2024 18:05:54 +0530 Subject: [PATCH 11/11] Php audit (#482) * php rule addition * removed false 3ps * code refactoring * aws rule addition * revert docker change --- buildspec.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/buildspec.yml b/buildspec.yml index 5985035c..d0ae060c 100644 --- a/buildspec.yml +++ b/buildspec.yml @@ -23,19 +23,15 @@ phases: fi - echo $VERSION - echo $BRANCH_NAME - - | - COMMIT_HASH=$(git rev-parse --short HEAD) - TIMESTAMP=$(date +%Y%m%d%H%M%S) - DOCKER_TAG="${COMMIT_HASH}${TIMESTAMP}" - | if [[ $AWS_REGION = "eu-west-1" ]] then TAG_1=latest else - TAG_1=$DOCKER_TAG + TAG_1=${CODEBUILD_WEBHOOK_TRIGGER:7} fi - TAG_2=$VERSION - - TAG_3=$DOCKER_TAG + - TAG_3=${CODEBUILD_WEBHOOK_HEAD_REF##*/} build: commands:
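Review bot: In the first `buildspec.yml` hunk, `DOCKER_TAG` is assigned inside its own `- |` command and read by later commands, which works only if the buildspec runs all commands in a single shell instance; the `version:` key is outside the hunk, so confirm it is `0.2`. Outside `eu-west-1`, `TAG_1` and `TAG_3` now hold the same value, so one of the two tags is redundant. `"${COMMIT_HASH}${TIMESTAMP}"` joins the short hash and the timestamp with no separator, which makes the commit hard to recover from the image tag; `DOCKER_TAG="${COMMIT_HASH}-${TIMESTAMP}"` keeps it readable. The phase continues past the end of the hunk.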