
fix: Reintroduce security prefix for secondary identifiers, drop unneeded index suffix when single-mapping, and split react rule mapping

What

Assorted changes to get us closer to gitlab-org/security-products/analyzers/semgrep!147 (closed)

  1. Previous security prefix removal should have only applied to primary IDs, see https://gitlab.com/gitlab-org/secure/gsoc-sast-vulnerability-rules/playground/sast-rules/-/merge_requests/94
  2. Drops unnecessary -1 suffix for rules which are not aggregated
     • This prevents primary identifier mismatches and simplifies semgrep's convert functionality to no longer need computeRuleName to split
  3. (relies on 2 above) Splits react eslint rule into two separate rules to ensure secondary_identifier mapping corresponds:

The second item is probably the biggest change. Any reason to not do this?

Edited by Lucas Charles
