brotherton-erpnext/.github/helper/semgrep_rules/security.yml
Ankush Menat 6928fc17c6
chore: remove warning rules
semgrep-action doesn't consider severity, hence ignoring these rules for now.
2021-07-21 19:56:15 +05:30

11 lines
282 B
YAML

rules:
- id: frappe-codeinjection-eval
patterns:
- pattern-not: eval("...")
- pattern: eval(...)
message: |
Detected the use of eval(). eval() can be dangerous if used to evaluate
dynamic content. Avoid it or use safe_eval().
languages: [python]
severity: ERROR