Unnecessary whitespace is being added to packaged SAST rules
Background
The packaged rules from sast-rules
sometimes include odd whitespace in individual fields.
@mhenriksen noted this in an internal note on a related epic: &13906 (comment 1920078818)
A significant number of patterns are inserted with strange trailing whitespace like this:
. . . patterns: - pattern: '$VALUE. ... .setProperty("jdk.tls.client.protocols", "$PATTERNS"); ' . . .
I don't know whether this could cause them to not match properly or not.
This doesn't seem to impact detection, but:
- At best, it's unnecessary and potentially confusing.
- At worst, it could directly or indirectly cause functional bugs.
Proposal
Remove the unexpected whitespace from the packaged rule files to reduce confusion and risk.