Remove low-value Python semgrep rules
Remove
- python/cgi/rule-import_httpoxy.yml not vulnerable since 2016 https://bugs.python.org/issue27568
- python/crypto/rule-import_pyghmi.yml super old rule (2013!) should remove https://www.cisa.gov/news-events/alerts/2013/07/26/risks-using-intelligent-platform-management-interface-ipmi
- python/xml/rule-import_pickle.yml we already have rules for these in the deserialization path
- python/escaping/rule-mark_safe.yml - duplicate of rule-django.yml
- python/exception/rule-try_except_continue.yml this is a poor rule, it's fine to call except/continue
- python/exception/rule-try_except_pass.yml this is a poor rule, it is fine to call try / except pass
- python/ftp/rule-import_ftplib.yml - remove as it's a duplicate of rule-ftplib.py
- python/https/rule-httpsconnection.yml - this is an SCA problem, not a SAST problem (flag if python < 3.4.3 and HTTPSConnection is used)
- python/secrets/ - Remove as that's what secret detection is for
- python/telnet/rule-telnetlib.yml duplicate of telnetlib
- python/tmpdir/rule-specialdir.yml - perfectly fine to use /dev/shm as a tmpfs. We also already catch using /tmp/ directly in rule-hardcodedtmp
- python/tmpdir/rule-tempnam.yml removed in python 3, python 2.7 is no longer supported
- python/urlopen/rule-urllib_urlopen2.yml duplicate of urlopen1, has no tests, merge missing patterns into urlopen1
- python/xml/rule-import_pickle.yml this isn't even an xml rule, also we have this covered in deserialization
- python/xml/rule-import_... - remove all import rules as they are just duplicates of the other rules