Revert !101
What does this MR do?
In !101 (merged) the primary identifiers were updated in that:
This MR uses only the first component of the primary identifier so that we no longer generate very long primary identifiers and that they map to a distinct native analyzer rule.
Changing the primary identifiers in this way means that if these rules were to be used in semgrep
, all existing customer vulnerability findings would be auto-resolved, and new ones would be created in their place.
This MR reverts that change so that sast-rules
can become the SSoT for all semgrep rules without affecting customers' vulnerability findings.
Related discussion: gitlab-org/security-products/analyzers/semgrep!249 (comment 1374137046)
Note: This MR also changes the primary identifiers of find_sec_bugs_scala
which were not included in the original MR. I decided to do this because I don't think find_sec_bugs_scala
has been released, and to maintain consistency which will make any future changes simple.