Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

lint: Remove deprecated semgrep flag. 

The semgrep --dangerously-allow-arbitrary-code-execution-from-rules
flag is deprecated and no longer used.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
This commit is contained in:
Anders Kaseorg 2021-09-17 15:13:21 -07:00 committed by Tim Abbott
parent 26b885a6ec
commit fe8f2fbf94
1 changed files with 0 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tools/lint
View File

@ -187,15 +187,6 @@ def run() -> None:
"--error", "--error",
"--disable-version-check", "--disable-version-check",
"--quiet", "--quiet",
# This option is dangerous in the context of running
# semgrep-as-a-service on untrusted user code, since it
# causes Python code in the rules configuration to be
# executed. From our standpoint, it is required for
# `pattern-where-python` rules, and there's no real
# security impact, since if you can put arbitrary code
# into zulip.git, you can run arbitrary code in a Zulip
# development environment anyway.
"--dangerously-allow-arbitrary-code-execution-from-rules",
] ]
linter_config.external_linter( linter_config.external_linter(
"semgrep-py", "semgrep-py",