Fix a bug where only a subset of rules was copied over
What does this MR do?
Copy all rules from sast-rules into the /rules directory.
Currently, only the rules below are active within our semgrep analyser:
/rules/bandit.yml
/rules/brakeman.yml
/rules/eslint.yml
/rules/find_sec_bugs.yml
/rules/find_sec_bugs_kotlin.yml
/rules/find_sec_bugs_scala.yml
/rules/flawfinder.yml
/rules/gosec.yml
/rules/mobsf.yml
/rules/nodejs_scan.yml
/rules/phpcs_security_audit.yml
/rules/security_code_scan.yml
With the new changes, the rules below are included:
/rules/bandit.yml
/rules/lgpl-cc/brakeman.yml
/rules/eslint.yml
/rules/find_sec_bugs.yml
/rules/lgpl/find_sec_bugs_kotlin.yml
/rules/find_sec_bugs_scala.yml
/rules/flawfinder.yml
/rules/gosec.yml
/rules/lgpl/mobsf.yml
/rules/lgpl/nodejs_scan.yml
/rules/lgpl-cc/phpcs_security_audit.yml
/rules/security_code_scan.yml
---
/rules/gitlab/gitlab_ee_java.yml
/rules/lgpl-cc/gitlab_lgpl_cc_java.yml
/rules/lgpl-cc/gitlab_lgpl_cc_javascript.yml
/rules/lgpl-cc/gitlab_lgpl_cc_python.yml
Rule-sets that were not previously available:
/rules/gitlab/gitlab_ee_java.yml
/rules/lgpl-cc/gitlab_lgpl_cc_java.yml
/rules/lgpl-cc/gitlab_lgpl_cc_javascript.yml
/rules/lgpl-cc/gitlab_lgpl_cc_python.yml
The effect of this change with regards to "Semgrep-based analyzer image omits files that a..." (gitlab-org/gitlab#463397, closed) is described in gitlab-org/gitlab#463397 (comment 1920756356).
What are the relevant issue numbers?
gitlab-org/gitlab#463397 (closed)
Does this MR meet the acceptance criteria?
- Changelog entry added
- Documentation created/updated for GitLab EE, if necessary
- Documentation created/updated for this project, if necessary
- Documentation reviewed by technical writer or follow-up review issue created
- Tests updated/added for this feature/bug
- Job definition updated, if necessary
- Conforms to the code review guidelines
- Conforms to the Go guidelines
- Security reports checked/validated by reviewer
Edited by Julian Thome