From 9a6b030b56c21d6ab45129db4b48693804a2175a Mon Sep 17 00:00:00 2001 From: Karan Batavia <118820668+karan-batavia@users.noreply.github.com> Date: Wed, 29 May 2024 16:46:57 +0530 Subject: [PATCH 1/3] add env to run comparison report (#465) --- .github/workflows/comparison-result.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/comparison-result.yml b/.github/workflows/comparison-result.yml index b60fe8c3..ca15c76b 100644 --- a/.github/workflows/comparison-result.yml +++ b/.github/workflows/comparison-result.yml @@ -59,8 +59,8 @@ jobs: ref: main - name: Run the script for ${{github.head_ref}} and ${{github.base_ref}} - run: cd ./temp/standalone-monitoring-stability && pip install -r requirements.txt && python3 ./run.py -r ./repos/${{matrix.language}}.txt -rbb ${{github.base_ref}} -rbh ${{github.head_ref}} -brr ${{ github.event.pull_request.base.repo.html_url }} -hrr ${{ github.event.pull_request.head.repo.html_url }} -guf -urc - + run: export GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} && cd ./temp/standalone-monitoring-stability && pip install -r requirements.txt && python3 ./run.py -r ./repos/${{matrix.language}}.txt -rbb ${{github.base_ref}} -rbh ${{github.head_ref}} -brr ${{ github.event.pull_request.base.repo.html_url }} -hrr ${{ github.event.pull_request.head.repo.html_url }} -guf -urc + - name: Run aws-export run: cd ./temp/standalone-monitoring-stability/ && python3 aws-export.py ${{matrix.language}}-${{github.event.number}} From c6499247289767dc4f33b07a0086de2d1766b612 Mon Sep 17 00:00:00 2001 From: Ankit Kumar <118803988+ankit-privado@users.noreply.github.com> Date: Thu, 30 May 2024 14:27:44 +0530 Subject: [PATCH 2/3] Third party and API rules (#464) * added missing third parties rule * code refactoring * Jenkins Id name change --------- Co-authored-by: Karan Batavia --- config/systemConfig/go.yaml | 2 +- rules/sinks/third_parties/sdk/apache/go.yaml | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 rules/sinks/third_parties/sdk/apache/go.yaml diff --git a/config/systemConfig/go.yaml b/config/systemConfig/go.yaml index 471b1e14..37b02cd0 100644 --- a/config/systemConfig/go.yaml +++ b/config/systemConfig/go.yaml @@ -1,6 +1,6 @@ systemConfig: - key: apiHttpLibraries - value: ^(?i)(net/http|github.com/parnurzeal/gorequest|(gopkg.in|github.com/go-resty)/resty|valyala/fasthttp|github.com/gojektech/heimdall/v\\d/httpclient|github.com/levigross/grequests|github.com/PuerkitoBio/rehttp|github.com/machinebox/graphql).* + value: ^(?i)(net/http|github.com/parnurzeal/gorequest|(gopkg.in|github.com/go-resty)/resty|valyala/fasthttp|github.com/gojektech/heimdall/v\\d/httpclient|github.com/levigross/grequests|github.com/PuerkitoBio/rehttp|github.com/machinebox/graphql|github.com/gin-gonic/gin).* - key: apiSinks value: (?i)(?:url|client|open|request|execute|newCall|load|host|access|list|set|put|post|proceed|trace|patch|Path|send|remove|delete|write|read|postForEntity|call|createCall|createEndpoint|dispatch|invoke|getInput|getOutput|getResponse|do) diff --git a/rules/sinks/third_parties/sdk/apache/go.yaml b/rules/sinks/third_parties/sdk/apache/go.yaml new file mode 100644 index 00000000..2211aa9f --- /dev/null +++ b/rules/sinks/third_parties/sdk/apache/go.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.Apache.Jenkins + name: Apache Jenkins + domains: + - "jenkins.io" + patterns: + - "(?i)(github.com)(/)(bndr)(/)(gojenkins).*" + tags: \ No newline at end of file From 2ca33b7a918e0b0c6e9c92d26a95160c615a35e8 Mon Sep 17 00:00:00 2001 From: Karan Batavia <118820668+karan-batavia@users.noreply.github.com> Date: Mon, 10 Jun 2024 17:45:52 +0530 Subject: [PATCH 3/3] paypal rule for csharp (#467) --- rules/sinks/third_parties/sdk/paypal/csharp.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 rules/sinks/third_parties/sdk/paypal/csharp.yaml diff --git a/rules/sinks/third_parties/sdk/paypal/csharp.yaml b/rules/sinks/third_parties/sdk/paypal/csharp.yaml new file mode 100644 index 00000000..cc05283d --- /dev/null +++ b/rules/sinks/third_parties/sdk/paypal/csharp.yaml @@ -0,0 +1,13 @@ + +# Sink rule for ThirdParty SDK +# The id follows a format : "ThirdParties.SDK.." + +sinks: + + - id: ThirdParties.SDK.Paypal + name: Paypal + domains: + - "paypal.com" + patterns: + - "(?i)(PayflowNetApi|PFPro|Paypal).*" + tags: