Update semgrep rules

crivetimihai · crivetimihai · commit f25ec11e277c · 2025-07-30T10:07:24.000+01:00
Signed-off-by: Mihai Criveti &lt;crivetimihai@gmail.com&gt;
diff --git a/Makefile b/Makefile
@@ -3094,7 +3094,7 @@ semgrep:                            ## 🔍 Security patterns & anti-patterns
 	@test -d "$(VENV_DIR)" || $(MAKE) venv
 	@/bin/bash -c "source $(VENV_DIR)/bin/activate && \
 		python3 -m pip install -q semgrep && \
-		$(VENV_DIR)/bin/semgrep --config=auto mcpgateway tests || true"
+		$(VENV_DIR)/bin/semgrep --config=auto mcpgateway tests --exclude-rule python.lang.compatibility.python37.python37-compatibility-importlib2 || true"
 
 dodgy:                              ## 🔐 Suspicious code patterns
 	@echo "🔐  dodgy - scanning for hardcoded secrets..."
diff --git a/semgrep.yml b/semgrep.yml
@@ -0,0 +1,8 @@
+rules:
+  - id: disable-importlib-resources-compat
+    languages: [python]
+    message: "This rule is intentionally disabled."
+    severity: INFO
+    pattern: import importlib.resources
+    metadata:
+      python_min_version: "3.12"
