semgrep · p4p3r · Feb 8, 2024 · Feb 7, 2024 · Feb 7, 2024
diff --git a/generic/secrets/security/detected-etc-shadow.yaml b/generic/secrets/security/detected-etc-shadow.yaml
@@ -1,6 +1,8 @@
 rules:
 - id: detected-etc-shadow
-  pattern-regex: root:[x!*]*:[0-9]*:[0-9]*
+  patterns:
+  - pattern-regex: ^(\s*)(?P<ROOT>root:[x!*]*:[0-9]*:[0-9]*)
+  - focus-metavariable: $ROOT
   languages: [regex]
   message: linux shadow file detected
   severity: ERROR

diff --git a/go/lang/security/decompression_bomb.yaml b/go/lang/security/decompression_bomb.yaml
@@ -3,9 +3,7 @@ rules:
   message: >-
     Detected a possible denial-of-service via a zip bomb attack. By limiting the max
     bytes read, you can mitigate this attack.
-    `io.CopyN()` can specify a size. Refer to https://bomb.codes/ to learn more about
-    this attack and other ways to mitigate
-    it.
+    `io.CopyN()` can specify a size. 
   severity: WARNING
   languages: [go]
   patterns:
@@ -51,7 +49,6 @@ rules:
     - 'CWE-400: Uncontrolled Resource Consumption'
     source-rule-url: https://github.com/securego/gosec
     references:
-    - https://bomb.codes/
     - https://golang.org/pkg/io/#CopyN
     - https://github.com/securego/gosec/blob/master/rules/decompression-bomb.go
     category: security