- Update sast-rules version 2.0.11 (!370)
- License GitLab rules as GitLab Enterprise Edition
- Update `go/filesystem/rule-decompression-bomb.yml` adds io.LimitReader as a sanitizer
- Update `java/inject/rule-ELInjection.yml` with additional patterns
- Add `java/crypto/rule-JwtDecodeWithoutVerify.yml` to detect the decoding of a JWT token without a verify step
- Add OWASP mappings for all C# rules
- Add OWASP mappings for all Go rules
- Add OWASP mappings for all Python rules
- Add OWASP mappings for all Java rules
- Remove `java/inject/rule-CLRFInjectionLogs.yml` as modern loggers (from at least 2018) no longer allow injection of control characters