Skip to content
GitLab
Next
Menu
Why GitLab
Pricing
Contact Sales
Explore
Why GitLab
Pricing
Contact Sales
Explore
Sign in
Get free trial
GitLab.org
security-products
sast-rules
Merge requests
Open
3
Merged
67
Closed
17
All
87
Recent searches
{{formattedKey}}
{{ title }}
{{ help }}
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
None
Any
{{name}}
@{{username}}
{{name}}
@{{username}}
None
Any
Upcoming
Started
{{title}}
None
Any
{{title}}
None
Any
{{title}}
None
Any
{{name}}
Yes
No
Yes
No
{{title}}
{{title}}
{{title}}
Created date
Improve C# LDAPi and XPathi rules
!89
· created
Oct 04, 2022
by
James Liu
15.5
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
11
Approved
updated
Oct 11, 2022
Imported changes (Do not detect HttpDelete or HttpPut)
!100
· created
Oct 31, 2022
by
Julian Thome
15.6
1st contribution
Category:SAST
Community contribution
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
4
Approved
updated
Dec 26, 2022
Synchronize new upstream rules in the ruleset
!112
· created
Jan 04, 2023
by
Vishwa Bhat
15.9
Category:SAST
backend
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
57
Approved
updated
Apr 22, 2024
Sync upstream bandit rules
2 of 2 checklist items completed
!119
· created
Feb 15, 2023
by
Vishwa Bhat
15.9
Category:SAST
backend
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
2
Approved
updated
Feb 22, 2023
feat: Add missing OWASP categories to C rulesets
!123
· created
Mar 08, 2023
by
Lucas Charles
15.11
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
55
Approved
updated
Mar 30, 2023
Revert !101
!138
· created
May 02, 2023
by
Craig Smith
16.0
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
17
Approved
updated
May 08, 2023
Update pattern of avoid PyYAML.load in bandit.b506
!140
· created
May 04, 2023
by
Ahmed Hemdan
16.0
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
8
Approved
updated
May 10, 2023
Improve Scala ruleset coverage
!142
· created
May 08, 2023
by
Vishwa Bhat
16.0
Category:SAST
backend
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
40
Approved
updated
May 10, 2023
feat: Drop high-FP eslint detect-object-injection rule
!150
· created
May 15, 2023
by
Lucas Charles
16.0
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
4
Approved
updated
Apr 10, 2024
Reapply 188
!215
· created
Sep 12, 2023
by
Craig Smith
16.6
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
1
Approved
updated
Oct 19, 2023
Remove poor Go rules
!216
· created
Sep 13, 2023
by
Craig Smith
16.6
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
2
Approved
updated
Oct 31, 2023
Merge branch 'remove_python_rules' into 'main'
!217
· created
Sep 13, 2023
by
Craig Smith
16.6
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
2
Approved
updated
Nov 02, 2023
Merge branch 'remove_csharp_rules' into 'main'
!218
· created
Sep 13, 2023
by
Craig Smith
16.7
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
2
Approved
updated
Nov 17, 2023
Merge branch 'remove_javascript_rules' into 'main'
!219
· created
Sep 13, 2023
by
Craig Smith
16.6
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
1
Approved
updated
Nov 10, 2023
Merge branch 'remove_bad_java_rules' into 'main'
!220
· created
Sep 13, 2023
by
Craig Smith
16.7
Category:SAST
devops
secure
feature
enhancement
group
static analysis
section
sec
type
feature
Merged
3
Approved
updated
Nov 23, 2023
Issue-433061 Update java ModifyAfterValidation rule with new sinks
!246
· created
Dec 10, 2023
by
Lanka De Alwis
1st contribution
Community contribution
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
10
Approved
updated
Dec 13, 2023
Enhance Node SQLi Injection Semgrep rule to Support Sequelize
!261
· created
Dec 13, 2023
by
Bhavya Kaushal
16.8
Contractor Contribution
Hackathon
Leading Organization
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
8
Approved
updated
Apr 15, 2024
Updated the rule-ScriptInjection.yml
!266
· created
Dec 15, 2023
by
Chathumina Vimukthi
16.8
Community contribution
Hackathon
devops
secure
feature
enhancement
group
vulnerability research
linked-issue
section
sec
type
feature
Merged
11
Approved
updated
Jan 04, 2024
Update 'go/sql/rule-concat-sqli.yml' to cover more cases
!272
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
16.8
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
Approved
updated
Dec 18, 2023
Update 'go/injection/rule-ssrf.yml' to remove false-positives
!273
· created
Dec 18, 2023
by
Dinesh Bolkensteyn
16.8
devops
secure
feature
enhancement
group
vulnerability research
section
sec
type
feature
Merged
1
Approved
updated
Dec 19, 2023
Prev
1
2
3
4
Next