feat(python): add honeybadger third party rule (CWE-201)

rules/python/third_parties/honeybadger.yml

@@ -0,0 +1,46 @@
+imports:
+  - python_shared_lang_datatype
+  - python_shared_lang_import2
+patterns:
+  - pattern: |
+      $<HONEYBADGER>($<...>$<DATA_TYPE>$<...>)
+    filters:
+      - variable: HONEYBADGER
+        detection: python_shared_lang_import2
+        scope: cursor
+        filters:
+          - variable: MODULE1
+            values: [honeybadger]
+          - variable: MODULE2
+            values: [honeybadger]
+          - variable: NAME
+            values:
+              - set_context
+              - context
+              - notify
+      - variable: DATA_TYPE
+        detection: python_shared_lang_datatype
+        scope: result
+languages:
+  - python
+severity: medium
+skip_data_types:
+  - Unique Identifier
+metadata:
+  description: Leakage of sensitive data to Honeybadger
+  remediation_message: |
+    ## Description
+
+    Leaking sensitive data to third-party loggers like Honeybadger is a common cause of data leaks and can lead to data breaches.
+
+    ## Remediations
+
+    - **Do** ensure all sensitive data is removed when sending data to third-party loggers like Honeybadger.
+
+    ## References
+    - [Honeybadger Docs](https://docs.honeybadger.io/lib/python/)
+  cwe_id:
+    - 201
+  associated_recipe: Honeybadger
+  id: python_third_parties_honeybadger
+  documentation_url: https://docs.bearer.com/reference/rules/python_third_parties_honeybadger

tests/python/third_parties/honeybadger/test.js

@@ -0,0 +1,20 @@
+const {
+  createNewInvoker,
+  getEnvironment,
+} = require("../../../helper.js")
+const { ruleId, ruleFile, testBase } = getEnvironment(__dirname)
+
+describe(ruleId, () => {
+  const invoke = createNewInvoker(ruleId, ruleFile, testBase)
+
+  test("honeybadger", () => {
+    const testCase = "main.py"
+
+    const results = invoke(testCase)
+
+    expect(results).toEqual({
+      Missing: [],
+      Extra: []
+    })
+  })
+})

tests/python/third_parties/honeybadger/testdata/main.py

@@ -0,0 +1,18 @@
+from honeybadger import honeybadger
+
+# bearer:expected python_third_parties_honeybadger
+honeybadger.set_context(current_ip_address=current_user.ip_address)
+
+def bad():
+  # bearer:expected python_third_parties_honeybadger
+  with honeybadger.context(user_email=current_user.email):
+    # do something
+
+# bearer:expected python_third_parties_honeybadger
+honeybadger.notify(MyException, context={ "user": current_user.email })
+
+# bearer:expected python_third_parties_honeybadger
+honeybadger.notify(error_class='MyError', error_message=f'Something bad happened to {current_user.email}!', fingerprint='custom_fingerprint')
+
+# ok 
+honeybadger.notify(MyException, context={ "user": current_user.uuid })