zulip/tools/semgrep.yml

# See https://github.com/returntocorp/semgrep/blob/experimental/docs/config/advanced.md

rules:
####################### PYTHON RULES #######################
  - id: deprecated-render-usage
    pattern: django.shortcuts.render_to_response(...)
    message: "Use render() (from django.shortcuts) instead of render_to_response()"
    languages: [python]
    severity: ERROR

  - id: useless-if-body
    patterns:
      - pattern: |
          if $X:
              $S
          else:
              $S
    message: "Useless if statment; both blocks have the same body"
    languages: [python]
    severity: ERROR

  - id: dont-use-stream-objects-filter
    pattern: Stream.objects.filter(...)
    message: "Please use access_stream_by_*() to fetch Stream objects"
    languages: [python]
    severity: ERROR
    paths:
      - directory: "zerver/views/"
semgrep: Reformat and correct doc link. 2020-04-27 13:46:53 +02:00			`# See https://github.com/returntocorp/semgrep/blob/experimental/docs/config/advanced.md`
sgrep: Install syntactic code search tool as an external linter. Add sgrep (sgrep.dev) to tooling and include simple rule as proof of concept. Included rule detects use of old django render function. Also added a rule that looks for if-else statements where both code paths are identical. 2020-03-19 00:32:26 +01:00
			`rules:`
semgrep: Reformat and correct doc link. 2020-04-27 13:46:53 +02:00			`####################### PYTHON RULES #######################`
sgrep: Install syntactic code search tool as an external linter. Add sgrep (sgrep.dev) to tooling and include simple rule as proof of concept. Included rule detects use of old django render function. Also added a rule that looks for if-else statements where both code paths are identical. 2020-03-19 00:32:26 +01:00			`- id: deprecated-render-usage`
			`pattern: django.shortcuts.render_to_response(...)`
semgrep: Reformat and correct doc link. 2020-04-27 13:46:53 +02:00			`message: "Use render() (from django.shortcuts) instead of render_to_response()"`
sgrep: Install syntactic code search tool as an external linter. Add sgrep (sgrep.dev) to tooling and include simple rule as proof of concept. Included rule detects use of old django render function. Also added a rule that looks for if-else statements where both code paths are identical. 2020-03-19 00:32:26 +01:00			`languages: [python]`
			`severity: ERROR`
semgrep: Reformat and correct doc link. 2020-04-27 13:46:53 +02:00
sgrep: Install syntactic code search tool as an external linter. Add sgrep (sgrep.dev) to tooling and include simple rule as proof of concept. Included rule detects use of old django render function. Also added a rule that looks for if-else statements where both code paths are identical. 2020-03-19 00:32:26 +01:00			`- id: useless-if-body`
			`patterns:`
semgrep: Reformat and correct doc link. 2020-04-27 13:46:53 +02:00			`- pattern: \|`
			`if $X:`
			`$S`
			`else:`
			`$S`
			`message: "Useless if statment; both blocks have the same body"`
sgrep: Install syntactic code search tool as an external linter. Add sgrep (sgrep.dev) to tooling and include simple rule as proof of concept. Included rule detects use of old django render function. Also added a rule that looks for if-else statements where both code paths are identical. 2020-03-19 00:32:26 +01:00			`languages: [python]`
			`severity: ERROR`
semgrep: Add rule to enforce no use of stream.objects.filter. 2020-04-29 13:50:36 +02:00
			`- id: dont-use-stream-objects-filter`
			`pattern: Stream.objects.filter(...)`
			`message: "Please use access_stream_by_*() to fetch Stream objects"`
			`languages: [python]`
			`severity: ERROR`
			`paths:`
			`- directory: "zerver/views/"`