gitlab gitlab-org/security-products/analyzers/semgrep v4.12.0

4 months ago
  • Update sast-rules version 2.0.11 (!370)
    • License GitLab rules as GitLab Enterprise Edition
    • Update go/filesystem/rule-decompression-bomb.yml to add io.LimitReader as a sanitizer
    • Update java/inject/rule-ELInjection.yml with additional patterns
    • Add java/crypto/rule-JwtDecodeWithoutVerify.yml to detect the decoding of a JWT token without a verify step
    • Add OWASP mappings for all C# rules
    • Add OWASP mappings for all Go rules
    • Add OWASP mappings for all Python rules
    • Add OWASP mappings for all Java rules
    • Remove java/inject/rule-CLRFInjectionLogs.yml as modern loggers (from at least 2018) no longer allow injection of control characters
