Skip to content

Pull requests: semgrep/semgrep-rules

New pull request New
35 Open 3,015 Closed
35 Open 3,015 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Update formatted-sql-string rule message with better guidance
#3701 opened Sep 29, 2025 by stuartcmehrens Loading…
Add nextjs-images-wildcard-hostname security rule
#3700 opened Sep 28, 2025 by mortezapiri Loading…
1
New Published Rules - python.fastapi.ai.prompt-injection-fastapi.prompt-injection-fastapi
#3699 opened Sep 27, 2025 by semgrep-dev-pr-bot bot Loading…
4
New Published Rules - ahamedjobayer57_personal_org.detect-huggingface-unsafe-agent-run-copy
#3697 opened Sep 25, 2025 by semgrep-dev-pr-bot bot Loading…
3
Merge Develop into Release
#3696 opened Sep 24, 2025 by r2c-argo bot Loading…
New Published Rules - ahamedjobayer57_personal_org.pprof-debug-exposure-copy
#3695 opened Sep 23, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - ahamedjobayer57_personal_org.detected-jwt-token-copy
#3693 opened Sep 16, 2025 by semgrep-dev-pr-bot bot Loading…
1
Add AWS CDK RDS unencrypted database detection rule
#3689 opened Sep 12, 2025 by ryan-niemes-helix Loading…
1
New Published Rules - brigg_559_com.html-external-script-no-sri
#3687 opened Sep 10, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - brigg_559_com.html-target-blank-noopener
#3686 opened Sep 10, 2025 by semgrep-dev-pr-bot bot Loading…
Add missing GitHub Actions context variables to command injection rules
#3685 opened Sep 9, 2025 by ddworken Loading…
2
New Published Rules - princenchiba_demo.no-eval-prince-demo
#3684 opened Sep 8, 2025 by semgrep-dev-pr-bot bot Loading…
Detect XSS in trigger_error
#3682 opened Sep 3, 2025 by Sjord Loading…
Fix false positive for unquoted-attribute-var
#3680 opened Sep 2, 2025 by Sjord Loading…
Add observability rule for metrics name changes
#3679 opened Aug 28, 2025 by Essekar Loading…
2
Update GKE best practice to specify COS_CONTAINERD image type
#3677 opened Aug 20, 2025 by somethingnew2-0 Loading…
1
Use different scriptlet JSP to test no-scriptlets rule
#3676 opened Aug 18, 2025 by Sjord Loading…
1
New Published Rules - java.lang.security.audit.active-debug-code-getstacktrace.active-debug-code-getstacktrace
#3675 opened Aug 16, 2025 by semgrep-dev-pr-bot bot Loading…
2
New Published Rules - jobayerahamed2099_personal_org.active-debug-code-printstacktrace-copy
#3674 opened Aug 16, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - aucegypt_edu.file-inclusion-copy
#3668 opened Jul 24, 2025 by semgrep-dev-pr-bot bot Loading…
5
New Published Rules - unobravo.detect-malicious-eslint-packages-cve-2025-54313
#3663 opened Jul 21, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - semakovdaniel_personal_org.user-id-flow-vulnerability
#3662 opened Jul 19, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - khamisibrahimsfamily_personal_org.detect-openai-copy-copy
#3661 opened Jul 19, 2025 by semgrep-dev-pr-bot bot Loading…
New Published Rules - khamisibrahimsfamily_personal_org.detect-openai-copy
#3660 opened Jul 19, 2025 by semgrep-dev-pr-bot bot Loading…
2
Fix SQL injection vulnerability in tainted-sql-string test
#3655 opened Jul 10, 2025 by semgrep-code-dev-returntocorp bot Draft
ProTip! Follow long discussions with comments:>50.