slow-pattern-top-ellipsis
Using the ellipsis operator ... at the top of the pattern drastically slows down the rule performance.
multi-line-message
This rule has a multi-line message field, which may display poorly in a terminal. Consider ensuring it is on one line. For example, use message: >-, not message: |.
metadata-owasp
The owasp tag in Semgrep rule metadata should start with the format “A00:YYYY”, where A00 is the OWASP top ten number and YYYY is the OWASP top ten year.
metadata-references
The references in rule metadata should always be a list, even if there’s only one.
metadata-category
This Semgrep rule is missing a valid ‘category’ field in the ‘metadata’. ‘category’ must be one of ‘security’, ‘correctness’, ‘best-practice’, ‘performance’, ‘maintainability’, or ‘portability’.
metadata-confidence-incorrect-value
Semgrep rule confidence: $VALUE detected, but the value must be LOW, MEDIUM, or HIGH. For more information visit: https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
duplicate-pattern
Two identical pattern clauses were detected. This will cause Semgrep to run the same pattern twice. Remove one of the duplicate pattern clauses.
duplicate-id
The ‘id’ field $X was used multiple times. The ‘id’ field needs to be unique.
metadata-likelihood-incorrect-value
Semgrep rule likelihood: $VALUE detected, but the value must be LOW, MEDIUM, or HIGH. For more information visit: https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
yaml-key-indentation-check
It looks like you have a YAML indentation issue — instead of writing $KEY, put a space between the hyphen and what comes after! Otherwise, it reads as a single string.
metadata-technology
This Semgrep rule is missing a ‘technology’ field in the ‘metadata’. Consider adding a list of technologies based on the rule’s associated library or framework, or another piece of relevant information.
metadata-subcategory
This Semgrep rule is missing a valid ‘subcategory’ field in the ‘metadata’, which should be either audit, vuln, or guardrail. For more information visit https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
metadata-cwe
$…CWE The cwe tag in rule metadata should always be in the format “CWE-000: Title”.
metadata-subcategory-incorrect-value
Semgrep rule likelihood: $VALUE detected, but the value must be vuln, audit, or guardrail. For more information visit: https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
metadata-impact-incorrect-value
Semgrep rule impact: $VALUE detected, but the value must be LOW, MEDIUM, or HIGH. For more information visit: https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
metadata-likelihood
This Semgrep rule is missing a valid ‘likelihood’ field in the ‘metadata’, which should be either LOW, MEDIUM, or HIGH. For more information visit https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
interfile-true-under-metadata-and-no-options
interfile: true should be under the options field, not the metadata field.
slow-pattern-general-func
Using patterns like function (...) {...} is too general; it will probably slow down the rule performance.
missing-language-field
Please include a ‘languages’ field for your rule $RULEID!
unnecessary-parent-operator
Unnecessary parent operator. Remove one to fix.
message-whitespace-check
It looks like you have an additional space in your rule message. This can look awkward in the finding output, so please remove the additional whitespace!
metadata-impact
This Semgrep rule is missing a valid ‘impact’ field in the ‘metadata’, which should be either LOW, MEDIUM, or HIGH. For more information visit https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
missing-message-field
This rule does not have a message. Semgrep requires that rules have a message. Include a message to explain what the rule does. Consider writing a message that explains why this is an issue and how to fix it.
metadata-confidence
This Semgrep rule is missing a valid ‘confidence’ field in the ‘metadata’, which should be either LOW, MEDIUM, or HIGH. For more information visit https://semgrep.dev/docs/contributing/contributing-to-semgrep-rules-repository/
metadata-incorrect-option
It looks like $KEY is not in the default list of expected options. If this is a new key, update this rule.
empty-message
This rule has an empty message field. Consider adding a message field that communicates why this rule is an issue and how to fix it. This will increase the chance that the finding gets addressed.
slow-pattern-single-metavariable
Using a single metavariable as a pattern drastically slows down the rule performance because it will match every expression in a file. Instead, try to match something specific such as a function name, or anchor on a statement that may occur above or below the pattern. The more specific you can be, the faster the pattern will run.
missing-deconstructed-value
It looks like this value is deconstructing a const/var/let. You need to use all three (const {...} =, var {...} =, and let {...} =) to provide accurate coverage. Consider adding the missing patterns in a pattern-inside for better coverage.
unsatisfiable-rule
You can not use ‘pattern’ A together; this will always be empty.
interfile-true-under-metadata-and-options-already-present
interfile: true should be under the options field, not the metadata field.
slow-pattern-general-property
Using patterns like $X.$Y may be too general and may slow down the rule performance.
metadata-deepsemgrep
We no longer support deepsemgrep: true; please use interfile: true.