outdated rules in semgrep registry #15
Assignees
Comments
|
Hi @adriensaladin, thank you for opening this. The Semgrep registry cannot be automatically updated to reflect specific changes, such as deleted rules. For that reason, we suggest using the rules directly from this repo. I will update this issue once I reach out to them and they update the registry. |
|
Small update - we are going to slightly change the structure of the repo, which requires updates to the registry and so is related to this issue. We are still waiting for response from the r2c team. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi team,
Thank you for maintaining this repository of semgrep rules!
I've noticed that the semgrep registry https://semgrep.dev/p/trailofbits is a bit outdated compared to this github repo. For example, the go/questionable-assignment.yml ruleset, which tends to generate false positives, is still used on semgrep.
If the current version is considered stable, would it be possible to update the registry?
Thanks!
The text was updated successfully, but these errors were encountered: