Enhance sast-rule(s) python/exec/...yml
Problem
This issue contains changes to many files:
-
Delete python/exec/rule-import-subprocess.yml as this is a poor rulecovered by Remove sast-rule python/exec/rule-import-subpro... (#440839 - closed) - python/exec/rule-linux-command-wildcard-injection.yml confirm the pattern-regex applies properly to detecting wildcards. Create test case to confirm.
- Create tests for each yml file as most do not have them.
- Ensure each check's pattern has a pattern-not for constant strings to reduced FPs
- Consider consolidating many of these rules together as there is a lot of overlap
Solution
Follow the enhance rule checklist.
Edited by Dinesh Bolkensteyn