- Support swift and objective-c extensions *.swift, *.m (!404)
- Update sast-rules version 2.4.0 (!404)
- Add MobSF rules
- Add Brakeman rules
- Add
rules/lgpl-cc/java/crypto/rule-HttpGetHTTPRequest
Java HttpGet HTTP request - Add
rules/lgpl-cc/java/crypto/rule-HTTPUrlConnectionHTTPRequest
Java HTTPUrlConnection HTTP Request - Add
rules/lgpl-cc/java/crypto/rule-SocketRequestUnsafeProtocols
Java Socket Unsafe Protocols - Add
rules/lgpl-cc/java/crypto/rule-TLSUnsafeRenegotiation
Java TLS Unsafe Renegotiation - Add
rules/lgpl-cc/java/crypto/rule-UnirestHTTPRequest
Java TLS Unirest - Add
rules/lgpl-cc/java/file/rule-FilePathTraversalHttpServlet
- Add
rules/lgpl-cc/java/xxe/rule-XMLInputFactoryExternalEntitiesEnabled
java xxe xmlinputfactory - Update
java/inject/rule-SqlInjection
with missing patterns - Update
rules/lgpl-cc/java/inject/rule-SqlInjection
with more sinks, sanitizers and sources - Update
python/exec/rule-exec-used
description - Update
python/exec/rule-linux-command-wildcard-injection
to cover both wildcards (* and ?) and simplifies the rule - Update
rules/lgpl/javascript/jwt/rule-jwt_express_hardcoded
- Update
rules/lgpl/javascript/xss/rule-squirrelly_autoescape
to match code written in ES6