Enhance sast-rule python/eval/rule-eval.yml
Problem
- Add `pattern-not` for constant strings
- Add other `pattern-not`s to reduce FPs if applicable.
Solution
Follow the enhance rule checklist.
- Add a runnable test case demonstrating the vulnerability in one of the real world test projects
  - Add a comment above each method/sink of which rule the test was implemented for.
- Fix/update rule to the specification in this issue
- Create a test in the same directory, replacing 'rule-XXX.yml' with 'rule-XXX.java'
  - If one exists, add the variants or update tests for both true and negative cases. Be sure they follow Semgrep's rule testing guidelines.
- Update the CHANGELOG.md with the change
- Push the changes as a feature branch to this repository if access, otherwise to a fork
- Create the MR
- Update the ! in the CHANGELOG.md if necessary after the MR is created
- Assign for review to someone in the CODEOWNERS file
Edited by Jayson Salazar Rodriguez
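A sketch of the true and negative test cases the Problem and checklist ask for, written as a Semgrep test fixture. This is an added example, not the project's own test file: `<rule-id>` is a placeholder for the id declared in rule-eval.yml (not shown on this page), and the expected results assume the rule gains an exclusion of the form `pattern-not: eval("...")`.

```python
# Constructed Semgrep test fixture for an eval() rule.
# "<rule-id>" is a placeholder: the real id comes from rule-eval.yml.
# Semgrep reads the annotation on the line directly above each sink:
#   "# ruleid:" means a finding is expected (true positive)
#   "# ok:"     means no finding is expected (negative case)


def constant_literal():
    """Negative case: the evaluated code is a fixed string literal,
    so no caller can influence what gets executed."""
    # ok: <rule-id>
    return eval("1 + 2")


def caller_supplied(expr):
    """True positive: the evaluated code comes straight from a parameter."""
    # ruleid: <rule-id>
    return eval(expr)


def formatted_with_input(name):
    """True positive: an f-string looks like a literal in the source, but
    the interpolated value becomes part of the evaluated code."""
    # ruleid: <rule-id>
    return eval(f"len('{name}')")


def concatenated_with_input(exponent):
    """True positive: a literal prefix does not make the whole argument
    constant once a caller-controlled suffix is appended."""
    # ruleid: <rule-id>
    return eval("2 ** " + exponent)


if __name__ == "__main__":
    # Benign inputs only, to show that the fixture itself is runnable.
    print(constant_literal())            # literal code, fixed result
    print(caller_supplied("4 * 5"))      # code chosen by the caller
    print(formatted_with_input("abc"))   # input embedded via f-string
    print(concatenated_with_input("3"))  # input embedded via concatenation
```

The two string-building cases are the ones to keep an eye on when adding the exclusion: a constant-string `pattern-not` should remove only the first function from the findings.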