forked from TrueCloudLab/frostfs-node
[#628] semgrep: Add semgrep
Signed-off-by: Alexander Chuprov <a.chuprov@yadro.com>
parent
62c2ad4b22
commit
9d2999327e
3 changed files with 34 additions and 0 deletions
|
@ -20,6 +20,21 @@ jobs:
|
||||||
- name: Run linters
|
- name: Run linters
|
||||||
run: make lint
|
run: make lint
|
||||||
|
|
||||||
|
semgrep:
|
||||||
|
name: semgrep
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v3
|
||||||
|
- uses: actions/setup-python@v4
|
||||||
|
with:
|
||||||
|
python-version: '3.10'
|
||||||
|
|
||||||
|
- name: Install semgrep
|
||||||
|
run: make semgrep-install
|
||||||
|
|
||||||
|
- name: Run semgrep
|
||||||
|
run: make semgrep
|
||||||
|
|
||||||
tests:
|
tests:
|
||||||
name: Tests
|
name: Tests
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
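Review bot: The new `semgrep` job references `actions/checkout@v3` and `actions/setup-python@v4` by mutable tag, so the code that runs in this job can change without any commit to this repository. The scanner itself is installed by `make semgrep-install`, which runs an unversioned `pip install semgrep`, so it can change the same way. Pinning each action to a full commit SHA, e.g. `- uses: actions/checkout@<full-commit-sha>  # v3`, and fixing the semgrep version in the install target would make the check reproducible and reviewable. Whether the other jobs in this workflow already follow a pinning convention is not visible in this hunk.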
9
Makefile
9
Makefile
|
@ -162,6 +162,15 @@ staticcheck-install:
|
||||||
staticcheck-run:
|
staticcheck-run:
|
||||||
@staticcheck ./...
|
@staticcheck ./...
|
||||||
|
|
||||||
|
semgrep-install:
|
||||||
|
@python3 -m pip install --upgrade virtualenv
|
||||||
|
@python3 -m virtualenv venv
|
||||||
|
@. venv/bin/activate && pip install semgrep
|
||||||
|
|
||||||
|
semgrep:
|
||||||
|
@. venv/bin/activate
|
||||||
|
@semgrep --error -f semgrep.yml . || (test $$? -eq 127 && echo "Run: make semgrep-install")
|
||||||
|
|
||||||
# Run linters in Docker
|
# Run linters in Docker
|
||||||
docker/lint:
|
docker/lint:
|
||||||
docker run --rm -t \
|
docker run --rm -t \
|
||||||
|
|
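Review bot: The `semgrep` target can exit 0 without semgrep ever running, so the CI gate fails open. Unless the Makefile sets `.ONESHELL` (not visible in this hunk), each recipe line runs in its own shell, so `@. venv/bin/activate` has no effect on the following line and `semgrep` is looked up on the ordinary PATH. When it is not found there, the `|| (test $$? -eq 127 && echo "Run: make semgrep-install")` branch finishes with the status of `echo`, which is 0. I would put activation and the scan on one line and pass the status through: `@. venv/bin/activate && semgrep --error -f semgrep.yml . || { rc=$$?; test $$rc -eq 127 && echo "Run: make semgrep-install"; exit $$rc; }`. Separately, `pip install semgrep` in `semgrep-install` is unversioned; pinning it would keep rule behaviour stable between runs.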
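--- /dev/null
+++ b/semgrep.yml
@@ -0,0 +1,10 @@
+rules:
+- id: find-sprintf
+languages:
+- go
+message: Found fmt.Sprintf usage
+pattern-either:
+- pattern: fmt.Sprintf("%d", $VAR)
+- pattern: fmt.Sprintf("%f", $VAR)
+- pattern: fmt.Sprintf("%t", $VAR)
+severity: ERROR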
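Review bot: The `message` on `find-sprintf` only reports that the call was found, not why it is rejected or what to write instead. With `severity: ERROR` and `--error` in the Makefile, every match fails the build, so contributors need that guidance. Assuming the intent is to steer single-value formatting to `strconv`, I would word it as `message: Use strconv (FormatInt/FormatUint, FormatFloat, FormatBool) instead of fmt.Sprintf for a single value`. A short comment above the rule stating that it is a style/performance check would also help, since this ruleset contains no security-oriented rules and a green `semgrep` job should not be read as security scanning coverage.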