gitlab gitlab-org/security-products/analyzers/semgrep v5.29.0

3 days ago
  • Update sast-rules version 2.8.2 (!552)
    • Update metadata (severity and CWE mappings) for some rules (!665)
    • Split javascript_buf_rule-buffer-noassert rule into two more specific and narrower rules (!665)
    • Remove duplicate rule rules_lgpl_javascript_memory_rule-buffer-noassert (!665)
    • Update rule-SqlInjection.yml to assume numbers and booleans cannot contain taint (!668)
    • Update python_escaping_rule-jinja2-autoescape-false rule to enhance patterns (!609)
    • Update rules_lgpl_javascript_ssrf_rule-node-ssrf rule to enhance patterns to reduce false positives (!663)
    • Update rules_lgpl_javascript_ssrf_rule-node-ssrf rule to enhance fetch API patterns to reduce false positives (!662)
    • Update java_crypto_rule-CipherPaddingOracle, java_crypto_rule-CipherIntegrity and java_crypto_rule-CipherECBMode rules to enhance patterns (!646)
    • Add rules/lgpl-cc/yaml/spring/accesscontrol/rule-SpringActuatorFullyEnabled to detect vulnerable Spring Actuator configuration in *.yaml and *.yml files (!675)
    • Add rules/lgpl-cc/properties/spring/accesscontrol/rule-SpringActuatorFullyEnabled to detect vulnerable Spring Actuator configuration in *.properties files (!675)
    • Update python_sql_rule-hardcoded-sql-expression rule to reduce false positives (!684)
    • Update csharp_injection_rule-SQLInjection rule to increase coverage (!679)
    • Add rules/gitlab/java/deserialization/rule-InsecureDeserialization.yaml (!678)
