Merge Develop into Release #3488

Closed
wants to merge 8 commits into from

Commits on Sep 18, 2024

  1. b756568

Commits on Sep 19, 2024

  1. PHP tainted exec (#3468)

    * PHP tainted exec
    
    When user input is passed to a function that executes a shell command, without
    escaping.
    
    * Correct message string YAML operator
    
    Co-authored-by: Pieter De Cremer (Semgrep) <pieter@r2c.dev>
    
    ---------
    
    Co-authored-by: Pieter De Cremer (Semgrep) <pieter@r2c.dev>
    Co-authored-by: Lewis <LewisArdern@live.co.uk>
    3 people authored Sep 19, 2024
    6d1b466
  2. Upload dockerd socket mount detection rule and test file (#3360)

    * Upload dockerd socket mount detection rule and test file
    
    * Update dockerd-socket-mount.dockerfile
    
    * Update documentbuilderfactory-disallow-doctype-decl-missing.yaml
    
    Update the rule for checking if FEATURE_SECURE_PROCESSING is set to TRUE for DocumentBuilderFactory object.
    
    * Revert "Update documentbuilderfactory-disallow-doctype-decl-missing.yaml"
    
    This reverts commit c1e2281.
    
    ---------
    
    Co-authored-by: Pieter De Cremer (Semgrep) <pieter@r2c.dev>
    r0075h3ll and 0xDC0DE authored Sep 19, 2024
    7427b82
  3. Switch to osemgrep test --experimental (from 3min to 21s) (#3472)

    * Switch to osemgrep test --experimental
    
    test plan:
    wait for green CI check
    
    * comment
    
    * comments
    aryx authored Sep 19, 2024
    be389ac
  4. remove fingerprints/fingerprints.yaml (#3474)

    * remove fingerprints/fingerprints.yaml
    
    No idea what this file is, but it's annoying because
    we have to skip it in many scripts because it does not
    contain regular rules and target test files.
    Let's just remove it to simplify things.
    
    test plan:
    wait for green CI checks
    
    * remove every use of fingerprints (each time it was to skip the dir)
    aryx authored Sep 19, 2024
    46fc340

Commits on Sep 23, 2024

  1. chore: Fix some wrong annotations (#3476)

    test plan:
    osemgrep test on those dirs does not report any more warnings
    about wrong annotations
    aryx authored Sep 23, 2024
    8ce8781
  2. Run osemgrep test --pro on apex/ and elixir/ too (#3478)

    test plan:
    wait for green CI checks
    aryx authored Sep 23, 2024
    de1405b

Commits on Sep 25, 2024

  1. dc5a75d