semgrep.yml
# Copyright (C) 2025 l3montree GmbH
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
rules:
  - id: missing-error-message
    languages:
      - go
    severity: ERROR
    message: |
      Missing error message or forwarded error message from internal error. Use: echo.NewHTTPError(..., "...").
      Do not concatenate the error message directly. Use fmt.Sprintf(...) instead. For example: echo.NewHTTPError(400, fmt.Sprintf("could not process request: %s", err.Error()))
    patterns:
      - pattern: echo.NewHTTPError(...)
      - pattern-not: echo.NewHTTPError(..., "...")
      - pattern-not: echo.NewHTTPError(..., fmt.Sprintf(...))
  - id: no-internal-error
    languages:
      - go
    severity: ERROR
    message: |
      Provide internal error for better logging. Use: echo.NewHTTPError(...).WithInternal(err)
    patterns:
      - pattern: echo.NewHTTPError(500)
      - pattern-not-inside: |
          echo.NewHTTPError(500).WithInternal(...)