Skip to content

Commit a191751

Browse files
andrzej-janczakandrzej-janczak
committed
semgrep test now include detection
1 parent 094d3ed commit a191751

File tree

2 files changed

+45
-2
lines changed

2 files changed

+45
-2
lines changed

tools/testdata/repositories/semgrep/expected.sarif

Lines changed: 42 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,24 @@
88
"name": "Semgrep",
99
"version": "1.41.0",
1010
"informationUri": "https://semgrep.dev",
11-
"rules": []
11+
"rules": [
12+
{
13+
"id": "hardcoded-credentials",
14+
"name": "Hardcoded Credentials",
15+
"shortDescription": {
16+
"text": "Hardcoded API key detected"
17+
},
18+
"fullDescription": {
19+
"text": "Found hardcoded API key. This is a security risk."
20+
},
21+
"defaultConfiguration": {
22+
"level": "warning"
23+
},
24+
"help": {
25+
"text": "API keys and other credentials should not be hardcoded in source files. Use environment variables or secure credential storage instead."
26+
}
27+
}
28+
]
1229
}
1330
},
1431
"artifacts": [
@@ -18,7 +35,30 @@
1835
}
1936
}
2037
],
21-
"results": []
38+
"results": [
39+
{
40+
"ruleId": "hardcoded-credentials",
41+
"level": "warning",
42+
"message": {
43+
"text": "Hardcoded API key detected"
44+
},
45+
"locations": [
46+
{
47+
"physicalLocation": {
48+
"artifactLocation": {
49+
"uri": "testdata/repositories/semgrep/sample.js"
50+
},
51+
"region": {
52+
"startLine": 3,
53+
"startColumn": 16,
54+
"endLine": 3,
55+
"endColumn": 32
56+
}
57+
}
58+
}
59+
]
60+
}
61+
]
2262
}
2363
]
2464
}

tools/testdata/repositories/semgrep/sample.js

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,10 @@
11
// Sample JavaScript file for Semgrep testing
22

3+
const API_KEY = "1234567890abcdef"; // Hardcoded credential for testing
4+
35
function helloWorld() {
46
console.log("Hello, world!");
7+
console.log("Using API Key:", API_KEY);
58
}
69

710
helloWorld();

0 commit comments

Comments
 (0)