Structure of the central rule repository
The central rule repository we need for #332153 (closed) has the following desirable properties.
- Consistent rule identification schema we use for all rules (rule slugs)
- Repository structure should make it possible to apply a sensible semantic versioning scheme (#329730 (closed)) (one rule per file)
- Rule verification; run CI jobs to verify and test rules once a rule is altered; CI job errors should be easily linkable to a specific rule (strict rule formatting guidelines + field constraints)
- Ideally rules are easily mappable to https://github.com/returntocorp/semgrep-rules (upstream contributions) (added source links to the rule headers)
Edited by Julian Thome