Commit graph

694 commits

Author SHA1 Message Date
Pavel Bansky bd808563df Fixed override for MD5CryptoServiceProvider 2017-03-16 20:11:42 -07:00
Pavel Bansky a91e4f638a Refactoring
- Added new language
- Updated language parser
- Enabled cache switch
2017-03-16 19:02:56 -07:00
Pavel Bansky da65a6b9ec Merge branch 'master' of https://github.com/Microsoft/DevSkim 2017-03-16 13:57:06 -07:00
Pavel Bansky e167f25a20 updated packages_nuget.json
- updated AppliesTo into full filename
2017-03-16 13:57:02 -07:00
Michael Scovetta c0932b260d Add rules to partially cover #7
Added detection for the following:
xp_cmdshell, xp_regread, xp_instance_regread,
xp_regwrite, sp_makewebtask, xp_sendmail,
sp_configure, sp_executesql, dbcc writepage
2017-03-15 22:24:07 -07:00
Pavel Bansky 659b1e3b52 Updated rule filtering 2017-03-15 13:25:07 -07:00
Pavel Bansky 4356116b3e Fixed protocol.json 2017-03-15 13:12:31 -07:00
Pavel Bansky 8a637310e7 renaming microsoft_nuget.json 2017-03-15 11:33:55 -07:00
Pavel Bansky 6af410fa51 updated microsoft-nuget.json 2017-03-15 11:32:40 -07:00
Michael Scovetta 2c8f0607c8 Add fix-it for Python cert check.
Added support for additional calls (post, head, etc.) and a fix-it to set verify to True.
Moved the other two checks into their own rule.
2017-03-15 11:11:39 -07:00
Pavel Bansky 91dfddad10 Readme and media 2017-03-15 10:12:00 -07:00
Pavel Bansky 89d53d173c Renaming 2017-03-15 09:59:38 -07:00
Pavel Bansky 5eda270cb1 updated gitignore 2017-03-15 02:47:49 -07:00
Pavel Bansky ec8976b36c removed nugetpackage 2017-03-15 02:47:29 -07:00
Pavel Bansky 9ee5882e29 updates gitignore 2017-03-15 02:45:37 -07:00
Pavel Bansky 69be4ec975 Removing binary artifacts 2017-03-15 02:44:51 -07:00
Pavel Bansky 2a533383a6 Fixes for overrides
- Fixed overrides
- Multi language queries
- Added SeverityLevel
2017-03-15 02:41:48 -07:00
Michael Scovetta 97946ef394 Added vulnerable Microsoft NuGet packages, minor fixes. 2017-03-14 23:31:31 -07:00
Pavel Bansky 77a633fd1c Added RuleProcessor.Analyze 2017-03-14 19:46:53 -07:00
Pavel Bansky 868766f401 Fixed rules
- Replaced underscores with dashes "regex-word" "regex-substitute"
- Removed active attribute
2017-03-14 15:31:13 -07:00
Pavel Bansky cccf5103bd Added manual review 2017-03-14 13:32:08 -07:00
Josh Brown-White 0633f9466d Dropped dummy rule, and added overrides to other rules 2017-03-14 12:26:40 -07:00
Josh Brown-White 8fdf0ad713 Added \s* to catch spaces between API and ()
we were missing scenarios like gets (str) because of the space.  Adding
\s* will catch that
2017-03-13 10:11:58 -07:00
Josh Brown-White 72864ce7bf Intro of manual review rules
added manual review rules for eval for dynamic languages
2017-03-10 11:00:57 -08:00
Pavel Bansky fdc6c5fc34 Updated Ruleset 2017-03-05 01:00:02 -08:00
Pavel Bansky de2d28df22 Ruleset class
New class and tests
2017-03-04 16:29:14 -08:00
Pavel Bansky 47ea984807 Public rule loader 2017-02-27 02:53:24 -08:00
Pavel Bansky b2e4af2c25 Added tests
Changed DevSkim namespace
Added tests
2017-02-20 21:09:23 -08:00
Pavel Bansky 31ceba08f9 Revert "Changed namespaces Added tests"
This reverts commit 69f375fcaa.
2017-02-20 21:05:47 -08:00
Pavel Bansky b00337b4df Revert "deleted assemblyinfo for tests"
This reverts commit 29d97136ce.
2017-02-20 21:05:11 -08:00
Pavel Bansky 29d97136ce deleted assemblyinfo for tests 2017-02-20 21:04:21 -08:00
Pavel Bansky 69f375fcaa Changed namespaces
Added tests
2017-02-20 21:02:25 -08:00
Pavel Bansky 491639bba7 dotnet parser
First version of the .NET parser for DevSkim rules
2017-02-17 14:09:20 -08:00
Josh Brown-White 97697aed64 Fixed typo in ID & made guidance file
Accidentally used a 2xxxxx ID instead of 1xxxxxx, designating this as a
custom internal rule instead of the intended default rule
2016-12-20 10:23:23 -08:00
Michael Scovetta f54e57664d Added note about public preview. 2016-12-13 10:10:00 -08:00
Michael Scovetta 694f65be63 Merge branch 'master' of github.com:Microsoft/DevSkim 2016-12-13 10:03:38 -08:00
Michael Scovetta 5276def303 Updated links to correct GitHub repo. 2016-12-13 10:03:31 -08:00
Michael Scovetta 83dc43f370 Fixed typo on VSCode. 2016-12-13 09:40:43 -08:00
Michael Scovetta 7d8e201484 Fixed link to CONTRIBUTING.md 2016-12-13 09:39:19 -08:00
Michael Scovetta 5a1b4c664f Migrated rules over from deprecated DevSkim-Rules repository. 2016-12-13 09:37:31 -08:00
Josh Brown-White 40de5e30ec published this guidance early
This rule is incomplete - hence the 2x guidance instead of 1x. Removing
for now
2016-12-11 17:18:55 -08:00
Josh Brown-White f585b415c3 Initial guidance checkin
Just template MDs for now, with name and summary pulled from rules
2016-12-11 17:08:44 -08:00
Michael Scovetta 7a40eabcad Update README.md 2016-10-17 14:19:16 -07:00
Microsoft GitHub User e59b548487 Initial commit 2016-08-03 08:30:26 -07:00