gitlab gitlab-org/security-products/analyzers/semgrep v4.13.2

8 months ago
  • Update sast-rules to version 2.1.1 (!384)
    • Update rules/lgpl/javascript/crypto/rule-node_insecure_random_generator.yml with better description text and pattern constraints
    • Update rules/lgpl/javascript/eval/rule-yaml_deserialize.yml to match on the TypeScript import pattern
    • Update rules/lgpl/javascript/xss/rule-handlebars-noescape.yml with improved patterns and test-cases
    • Update rules/lgpl/javascript/crypto/rule-node_md5.yml with improved patterns and description text
    • Update javascript/xss/rule-mustache-escape.yml to match on how escape is actually used in mustache
    • Remove rules/lgpl/javascript/xml/rule-xxe_xml2json.yml
    • Remove all rules under rules/lgpl/javascript/generic, as they contain secret detection rules or are prone to false positives (FP)
    • Import initial Ruby ruleset (but not yet enabled)
    • Correctly apply license for rules/lgpl-cc/java/ftp/rule-FTPInsecureTransport in distribution file
    • Correctly apply license for rules/lgpl-cc/java/password/rule-HardcodeKey in distribution file
    • Correctly apply license for rules/lgpl-cc/java/crypto/rule-JwtNoneAlgorithm in distribution file
