Skip to content

Sql injection py checker#1

Open
viveka1302 wants to merge 66 commits into
masterfrom
sql-injection-py-checker
Open

Sql injection py checker#1
viveka1302 wants to merge 66 commits into
masterfrom
sql-injection-py-checker

Conversation

@viveka1302
Copy link
Copy Markdown
Owner

@viveka1302 viveka1302 commented Feb 24, 2025

No description provided.

hrideshmg and others added 29 commits February 25, 2025 10:58
@hrideshmg @sanket-deepsource
feat(docker): avoid using sudo in RUN commands (DeepSourceCorp#133)
e1b3134 
* docker: avoid using `sudo` in RUN commands

* Update checkers/docker/avoid_sudo.yml

Signed-off-by: Sanket Saurav <sanket@deepsource.io>

---------

Signed-off-by: Sanket Saurav <sanket@deepsource.io>
Co-authored-by: Sanket Saurav <sanket@deepsource.io>
@hrideshmg @sanket-deepsource
feat(docker): avoid the use of the ADD instruction (DeepSourceCorp#130
893248d 
)

* docker: avoid the use of the `ADD` instruction

* Update checkers/docker/avoid_add.yml

Signed-off-by: Sanket Saurav <sanket@deepsource.io>

---------

Signed-off-by: Sanket Saurav <sanket@deepsource.io>
Co-authored-by: Sanket Saurav <sanket@deepsource.io>
@hrideshmg @sanket-deepsource
feat(docker): avoid the use of latest tag (DeepSourceCorp#124)
c728e31 
* docker: avoid the use of `latest` tag

* Update checkers/docker/avoid_latest.yml

Signed-off-by: Sanket Saurav <sanket@deepsource.io>

---------

Signed-off-by: Sanket Saurav <sanket@deepsource.io>
Co-authored-by: Sanket Saurav <sanket@deepsource.io>
@sourya-deepsource
feat: add test runner for Go-based rules (DeepSourceCorp#123)
1509388
@sanket-deepsource
docs: update README with new promo images and refined content
0ca01e8
@sanket-deepsource
docs: update README with Python eval() example
0c1187f
@sourya-deepsource
feat (DeepSourceCorp#25): add support for custom Go rules (DeepSource…
eb85a22 
…Corp#145)

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
@sourya-deepsource
chore: use v0.3.0 in analyzer stub (DeepSourceCorp#150)
568c13d 
Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
@sanket-deepsource
docs: add guide for writing checkers in Go (DeepSourceCorp#149)
16fb597
@sourya-deepsource
fix: fix analysis and test runners (DeepSourceCorp#151)
f4a5dfd 
* fix: fix analysis runner

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>

* fix: fix test runner

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>

* add support for scope tree

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>

* chore: rename lint and rule to checker

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>

---------

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
@sourya-deepsource
chore: bump globstar.dev to v0.4.0 (DeepSourceCorp#153)
804b8c7 
Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
@MashyBasker
chore: add checker to detect usage of weak SSL version (DeepSourceCor…
d9fffe0 
…p#146)

* chore: add checker to detect usage of weak SSL version

Signed-off-by: Maharshi Basu <basumaharshi10@gmail.com>

* chore: improve checker message

Signed-off-by: Maharshi Basu <basumaharshi10@gmail.com>

---------

Signed-off-by: Maharshi Basu <basumaharshi10@gmail.com>
@MashyBasker
chore: add checker to detect usage of django secret key used as salt …
2e000b9 
…in HashID (DeepSourceCorp#125)

Signed-off-by: Maharshi Basu <basumaharshi10@gmail.com>
@sanket-deepsource
fix: return non-zero exit code if checks fail (DeepSourceCorp#156)
ac294e2 
Add tracking of failed tests and use that to raise a non-zero exit code
at the end. This way we can ensure that all the test cases run and the
CI can break if anything is failing.

Fixes DeepSourceCorp#155.
@hrideshmg
rust: avoid using unwrap() (DeepSourceCorp#117)
9de6d96
@Thiru-moorthi
ruby: ssl_no_verify (DeepSourceCorp#110)
14dc7b8
@Thiru-moorthi
ruby: skip_authorization checker (DeepSourceCorp#109)
7864e0d
@hrideshmg
feat(javascript): implement Go-based SQL injection checker (DeepSourc…
2eb3f3c 
…eCorp#139)
@Thiru-moorthi
ruby: sha1 weak hash checker (DeepSourceCorp#108)
9225c82
@Thiru-moorthi
ruby: rsa_weak_crypto (DeepSourceCorp#107)
11a36f1
@Thiru-moorthi
ruby: rails unsafe direct assignment (DeepSourceCorp#106)
1c09540
@Thiru-moorthi
ruby: rails_samesite_cookie (DeepSourceCorp#105)
9bf02e4
@Thiru-moorthi
ruby: rails_insecure_smtp (DeepSourceCorp#104)
27e558b
@Thiru-moorthi
ruby: rails_httponly_cookie (DeepSourceCorp#103)
c1ace6a
@Thiru-moorthi
ruby: rails_http_hardcoded_passwd (DeepSourceCorp#102)
eebd61f
@Thiru-moorthi
ruby: rails_force_ssl (DeepSourceCorp#101)
586adfc
@Thiru-moorthi
ruby: md5_weak_hash (DeepSourceCorp#100)
f84a196
@Thiru-moorthi
ruby: eval_method (DeepSourceCorp#99)
8b46cbd
@Thiru-moorthi
ruby: dsa_weak_crypto (DeepSourceCorp#98)
9276fa6
Thiru-moorthi and others added 27 commits March 7, 2025 17:22
@Thiru-moorthi
go: mysql conn raw passwd (DeepSourceCorp#89)
de20e8c
@Thiru-moorthi
go: missing error file open (DeepSourceCorp#87)
1c4af9a
@Thiru-moorthi
go: fmt print in prod (DeepSourceCorp#76)
ca0ca92
@Thiru-moorthi
go: md5 weak hash (DeepSourceCorp#86)
f1fbb12
@Thiru-moorthi
go: jwt none algorithm (DeepSourceCorp#85)
884e514
@Thiru-moorthi
go: jwt hardcoded signing key (DeepSourceCorp#84)
501427f
@Thiru-moorthi
go: insecure cookie (DeepSourceCorp#83)
89299cd
@Thiru-moorthi
go: http file server (DeepSourceCorp#80)
72b95d5
@Thiru-moorthi @sourya-deepsource
checker: go_html_req_template_injection (DeepSourceCorp#79)
8e0a1cd 
* go: html req template injection

* Apply suggestions from code review

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>

---------

Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
Co-authored-by: Sourya Vatsyayan <sourya@deepsource.io>
@Thiru-moorthi
go: grpc server insecure tls (DeepSourceCorp#78)
5a87ebf
@Thiru-moorthi
go: grpc client insecure tls (DeepSourceCorp#77)
bc404e7
@Thiru-moorthi
go: des weak crypto (DeepSourceCorp#75)
b2eaaf6
@Thiru-moorthi
go: cgi import (DeepSourceCorp#73)
7c83be9
@Thiru-moorthi
go: unsafe pkg (DeepSourceCorp#72)
a3feda2
@Thiru-moorthi
go: tls insecure (DeepSourceCorp#71)
a5ad0d7
@Thiru-moorthi
go: tls config minver (DeepSourceCorp#70)
c922590
@Thiru-moorthi
go: reflect package (DeepSourceCorp#66)
acd6311
@Thiru-moorthi
go: samesite cookie (DeepSourceCorp#67)
459ab28
@Thiru-moorthi
go: sha1 weak hash (DeepSourceCorp#68)
79c57d3
@viveka1302 @sourya-deepsource
SQL injection checker python
9a58f0b
@viveka1302 @sourya-deepsource
Update avoid-unsanitized-sql.go
2cdb4bf
@viveka1302 @sourya-deepsource
Update avoid-unsanitized-sql.go
134b832
@viveka1302 @sourya-deepsource
Update avoid-unsanitized-sql.go
dfa2e0b
@viveka1302 @sourya-deepsource
Create avoid-unsanitized-sql.test.py
153b832
@viveka1302 @sourya-deepsource
Update avoid-unsanitized-sql.go
8e2d0ba
@viveka1302 @sourya-deepsource
test-directives added
a8ba78a
@sourya-deepsource
chore: migrate to the new runner
c57caa6 
Signed-off-by: Sourya Vatsyayan <sourya@deepsource.io>
@sourya-deepsource sourya-deepsource force-pushed the sql-injection-py-checker branch from 6e24cec to c57caa6 Compare March 9, 2025 12:34
@viveka1302
Update avoid-unsanitized-sql.test.py
3e8106e 
Signed-off-by: Vivek Anand <78247712+viveka1302@users.noreply.github.com>
@viveka1302
Update avoid-unsanitized-sql.test.py
3889396 
Signed-off-by: Vivek Anand <78247712+viveka1302@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@viveka1302 @hrideshmg @sourya-deepsource @sanket-deepsource @MashyBasker @Thiru-moorthi