From eb0d81310b7bcdc8e3088f0cfbc447f9ebd689cb Mon Sep 17 00:00:00 2001 
From: elsapet Date: Wed, 21 Feb 2024 11:14:10 +0200 Subject: [PATCH] feat: add severity where missing --- rules/go/gorilla/cookie_missing_http_only.yml | 1 + rules/go/gorilla/insecure_cookie.yml | 1 + rules/go/lang/cookie_missing_http_only.yml | 1 + rules/go/lang/deserialization_of_user_input.yml | 1 + rules/go/lang/html_tag_injection.yml | 1 + rules/go/lang/insecure_cookie.yml | 1 + rules/go/lang/insufficiently_random_values.yml | 1 + rules/go/lang/log_output_neutralization.yml | 1 + rules/go/lang/logger.yml | 1 + rules/go/lang/open_redirect.yml | 1 + rules/go/lang/weak_hash_md5.yml | 1 + rules/go/lang/weak_hash_sha1.yml | 1 + rules/go/lang/weak_password_encryption_md5.yml | 1 + rules/go/lang/weak_password_encryption_sha1.yml | 1 + rules/java/android/world_readable_writable_mode.yml | 1 + rules/java/lang/apache_commons_collection.yml | 1 + rules/java/lang/code_injection.yml | 1 + rules/java/lang/cookie_leak.yml | 1 + rules/java/lang/cookie_missing_http_only.yml | 1 + rules/java/lang/cookie_missing_secure.yml | 1 + rules/java/lang/cookie_with_http_only_false.yml | 1 + rules/java/lang/crlf_injection.yml | 1 + rules/java/lang/deserialization_of_user_input.yml | 1 + rules/java/lang/eval_using_user_input.yml | 1 + rules/java/lang/exception.yml | 1 + rules/java/lang/file_upload_filename.yml | 1 + rules/java/lang/format_string_manipulation.yml | 1 + rules/java/lang/http_parameter_pollution.yml | 1 + rules/java/lang/http_url_using_user_input.yml | 1 + rules/java/lang/insecure_allow_origin.yml | 1 + rules/java/lang/insecure_cookie.yml | 1 + rules/java/lang/insufficiently_random_values.yml | 1 + rules/java/lang/ldap_injection.yml | 1 + rules/java/lang/log_injection.yml | 1 + rules/java/lang/logger.yml | 1 + rules/java/lang/missing_integrity_check.yml | 1 + rules/java/lang/missing_smtp_ssl_host_check.yml | 1 + rules/java/lang/padding_oracle_encryption_vulnerability.yml | 1 + rules/java/lang/path_traversal.yml | 1 + rules/java/lang/path_using_user_input.yml | 1 + 
rules/java/lang/permissive_allow_origin.yml | 1 + rules/java/lang/permissive_cookie_config.yml | 1 + rules/java/lang/reflection_using_user_input.yml | 1 + rules/java/lang/regex_using_user_input.yml | 1 + rules/java/lang/rsa_no_padding.yml | 1 + rules/java/lang/sqli.yml | 1 + rules/java/lang/weak_encryption_des.yml | 1 + rules/java/lang/weak_encryption_ecb_mode.yml | 1 + rules/java/lang/weak_hash_md5.yml | 1 + rules/java/lang/weak_hash_sha1.yml | 1 + rules/java/lang/weak_password_encryption_des.yml | 1 + rules/java/lang/weak_password_hash_md5.yml | 1 + rules/java/lang/weak_password_hash_sha1.yml | 1 + rules/java/lang/xpath_injection.yml | 1 + rules/java/lang/xss_response_writer.yml | 1 + rules/java/spring/sqli.yml | 1 + rules/java/third_parties/airbrake_javabrake.yml | 1 + rules/java/third_parties/algolia.yml | 1 + rules/java/third_parties/aws_query_injection.yml | 1 + rules/java/third_parties/bugsnag.yml | 1 + rules/java/third_parties/clickhouse.yml | 2 +- rules/java/third_parties/datadog.yml | 1 + rules/java/third_parties/new_relic.yml | 1 + rules/java/third_parties/open_telemetry.yml | 1 + rules/java/third_parties/rollbar.yml | 1 + rules/java/third_parties/sentry.yml | 1 + rules/javascript/express/cookie_missing_http_only.yml | 1 + rules/javascript/express/exposed_dir_listing.yml | 1 + rules/javascript/express/external_file_upload.yml | 1 + rules/javascript/express/external_resource.yml | 1 + rules/javascript/express/helmet_missing.yml | 1 + rules/javascript/express/https_protocol_missing.yml | 1 + rules/javascript/express/insecure_allow_origin.yml | 1 + rules/javascript/express/insecure_cookie.yml | 1 + rules/javascript/express/reduce_fingerprint.yml | 1 + rules/javascript/express/static_asset_with_session.yml | 1 + rules/javascript/express/ui_redress.yml | 1 + rules/javascript/lang/exception.yml | 1 + rules/javascript/lang/file_generation.yml | 1 + rules/javascript/lang/import_using_user_input.yml | 1 + rules/javascript/lang/jwt.yml | 1 + 
rules/javascript/lang/jwt_weak_encryption.yml | 1 + rules/javascript/lang/logger.yml | 1 + rules/javascript/lang/regex_using_user_input.yml | 1 + rules/javascript/lang/session.yml | 1 + rules/javascript/lang/weak_encryption_des.yml | 1 + rules/javascript/lang/weak_encryption_rc4.yml | 1 + rules/javascript/lang/weak_hash_md5.yml | 1 + rules/javascript/lang/weak_hash_sha1.yml | 1 + rules/javascript/lang/weak_password_encryption_des.yml | 1 + rules/javascript/lang/weak_password_encryption_rc4.yml | 1 + rules/javascript/lang/weak_password_hash_argon2.yml | 1 + rules/javascript/lang/weak_password_hash_md5.yml | 1 + rules/javascript/lang/weak_password_hash_sha1.yml | 1 + rules/javascript/react/google_analytics.yml | 1 + rules/javascript/third_parties/airbrake.yml | 1 + rules/javascript/third_parties/algolia.yml | 1 + rules/javascript/third_parties/bugsnag.yml | 1 + rules/javascript/third_parties/datadog.yml | 1 + rules/javascript/third_parties/datadog_browser.yml | 1 + rules/javascript/third_parties/elasticsearch.yml | 1 + rules/javascript/third_parties/google_analytics.yml | 1 + rules/javascript/third_parties/google_tag_manager.yml | 1 + rules/javascript/third_parties/honeybadger.yml | 1 + rules/javascript/third_parties/new_relic.yml | 1 + rules/javascript/third_parties/open_telemetry.yml | 1 + rules/javascript/third_parties/openai.yml | 1 + rules/javascript/third_parties/rollbar.yml | 1 + rules/javascript/third_parties/segment.yml | 1 + rules/javascript/third_parties/sentry.yml | 1 + rules/php/lang/cookie_missing_http_only.yml | 1 + rules/php/lang/cookies.yml | 1 + rules/php/lang/exception.yml | 1 + rules/php/lang/file_generation.yml | 1 + rules/php/lang/http_url_using_sensitive_data.yml | 1 + rules/php/lang/insecure_allow_origin.yml | 1 + rules/php/lang/insecure_cookie.yml | 1 + rules/php/lang/jwt.yml | 1 + rules/php/lang/logger.yml | 1 + rules/php/lang/raw_output_using_user_input.yml | 1 + rules/php/lang/regex_using_user_input.yml | 1 + rules/php/lang/ui_redress.yml 
| 1 + rules/php/lang/weak_hash_adler32.yml | 1 + rules/php/lang/weak_hash_crc32.yml | 1 + rules/php/lang/weak_hash_md.yml | 1 + rules/php/lang/weak_hash_sha1.yml | 1 + rules/php/lang/weak_password_hash_md.yml | 1 + rules/php/lang/weak_password_hash_sha1.yml | 1 + rules/php/lang/xpath_injection.yml | 1 + rules/php/symfony/cookie_missing_http_only.yml | 1 + rules/php/symfony/cookies.yml | 1 + rules/php/symfony/insecure_allow_origin.yml | 1 + rules/php/symfony/insecure_cookie.yml | 1 + rules/php/symfony/insecure_smtp.yml | 1 + rules/php/symfony/permissive_regex_validation.yml | 1 + rules/php/symfony/ui_redress.yml | 1 + rules/php/third_parties/airbrake.yml | 1 + rules/php/third_parties/algolia.yml | 1 + rules/php/third_parties/bigquery.yml | 1 + rules/php/third_parties/bugsnag.yml | 1 + rules/php/third_parties/clickhouse.yml | 1 + rules/php/third_parties/datadog.yml | 4 +++- rules/php/third_parties/elasticsearch.yml | 1 + rules/php/third_parties/honeybadger.yml | 1 + rules/php/third_parties/logger.yml | 1 + rules/php/third_parties/new_relic.yml | 1 + rules/php/third_parties/open_telemetry.yml | 1 + rules/php/third_parties/rollbar.yml | 1 + rules/php/third_parties/scout_apm.yml | 1 + rules/php/third_parties/segment.yml | 1 + rules/php/third_parties/sentry.yml | 1 + rules/python/lang/logger.yml | 1 + rules/python/lang/weak_hash_md5.yml | 1 + rules/python/lang/weak_hash_sha1.yml | 1 + rules/python/lang/weak_password_encryption_md5.yml | 1 + rules/python/lang/weak_password_encryption_sha1.yml | 1 + rules/ruby/lang/cookies.yml | 1 + rules/ruby/lang/exception.yml | 1 + rules/ruby/lang/file_generation.yml | 1 + rules/ruby/lang/http_get_params.yml | 1 + rules/ruby/lang/jwt.yml | 1 + rules/ruby/lang/logger.yml | 1 + rules/ruby/lang/regex_using_user_input.yml | 1 + rules/ruby/lang/weak_encryption_blowfish.yml | 1 + rules/ruby/lang/weak_encryption_dsa.yml | 1 + rules/ruby/lang/weak_encryption_rc4.yml | 1 + rules/ruby/lang/weak_encryption_rsa.yml | 1 + 
rules/ruby/lang/weak_hash_dss.yml | 1 + rules/ruby/lang/weak_hash_md.yml | 1 + rules/ruby/lang/weak_hash_sha.yml | 1 + rules/ruby/lang/weak_password_encryption_blowfish.yml | 1 + rules/ruby/lang/weak_password_encryption_dsa.yml | 1 + rules/ruby/lang/weak_password_encryption_rc4.yml | 1 + rules/ruby/lang/weak_password_encryption_rsa.yml | 1 + rules/ruby/lang/weak_password_hash_dss.yml | 1 + rules/ruby/lang/weak_password_hash_md.yml | 1 + rules/ruby/lang/weak_password_hash_sha.yml | 1 + rules/ruby/rails/insecure_disabling_of_callback.yml | 1 + rules/ruby/rails/insecure_http_password.yml | 1 + rules/ruby/rails/insecure_smtp.yml | 1 + rules/ruby/rails/logger.yml | 1 + rules/ruby/rails/permissive_regex_validation.yml | 1 + rules/ruby/rails/session.yml | 1 + rules/ruby/rails/session_with_httponly_disabled.yml | 1 + rules/ruby/rails/unsafe_cookie_serialization_strategy.yml | 1 + rules/ruby/rails/weak_custom_key.yml | 1 + rules/ruby/third_parties/airbrake.yml | 1 + rules/ruby/third_parties/algolia.yml | 1 + rules/ruby/third_parties/bigquery.yml | 1 + rules/ruby/third_parties/bugsnag.yml | 1 + rules/ruby/third_parties/clickhouse.yml | 1 + rules/ruby/third_parties/datadog.yml | 1 + rules/ruby/third_parties/elasticsearch.yml | 1 + rules/ruby/third_parties/google_analytics.yml | 1 + rules/ruby/third_parties/google_dataflow.yml | 1 + rules/ruby/third_parties/honeybadger.yml | 1 + rules/ruby/third_parties/new_relic.yml | 1 + rules/ruby/third_parties/open_telemetry.yml | 1 + rules/ruby/third_parties/rollbar.yml | 1 + rules/ruby/third_parties/scout_apm.yml | 1 + rules/ruby/third_parties/segment.yml | 1 + rules/ruby/third_parties/sentry.yml | 1 + 202 files changed, 204 insertions(+), 2 deletions(-)
diff --git a/rules/go/gorilla/cookie_missing_http_only.yml b/rules/go/gorilla/cookie_missing_http_only.yml
index acb2d934a..a5bec0d91 100644
--- a/rules/go/gorilla/cookie_missing_http_only.yml
+++ b/rules/go/gorilla/cookie_missing_http_only.yml
@@ -93,3 +93,4 @@ metadata:
 id: go_gorilla_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/go_gorilla_cookie_missing_http_only
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/go/gorilla/insecure_cookie.yml b/rules/go/gorilla/insecure_cookie.yml
index 2b14375be..86a5dd92f 100644
--- a/rules/go/gorilla/insecure_cookie.yml
+++ b/rules/go/gorilla/insecure_cookie.yml
@@ -72,3 +72,4 @@ metadata:
 id: go_gorilla_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/go_gorilla_insecure_cookie
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/go/lang/cookie_missing_http_only.yml b/rules/go/lang/cookie_missing_http_only.yml
index bdb478a1a..e4732f0cc 100644
--- a/rules/go/lang/cookie_missing_http_only.yml
+++ b/rules/go/lang/cookie_missing_http_only.yml
@@ -70,3 +70,4 @@ metadata:
 - 1004
 id: go_lang_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_cookie_missing_http_only
+severity: low
diff --git a/rules/go/lang/deserialization_of_user_input.yml b/rules/go/lang/deserialization_of_user_input.yml
index e4cff3e29..b1186f06b 100644
--- a/rules/go/lang/deserialization_of_user_input.yml
+++ b/rules/go/lang/deserialization_of_user_input.yml
@@ -59,3 +59,4 @@ metadata:
 - 502
 id: go_lang_deserialization_of_user_input
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_deserialization_of_user_input
+severity: low
diff --git a/rules/go/lang/html_tag_injection.yml b/rules/go/lang/html_tag_injection.yml
index 538a69ba3..a59961033 100644
--- a/rules/go/lang/html_tag_injection.yml
+++ b/rules/go/lang/html_tag_injection.yml
@@ -94,3 +94,4 @@ metadata:
 - 80
 id: go_lang_html_tag_injection
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_missing_script_tag_sanitization
+severity: low
diff --git a/rules/go/lang/insecure_cookie.yml b/rules/go/lang/insecure_cookie.yml
index db7fb560c..b036fa257 100644
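Review bot: `severity: low` on go_lang_deserialization_of_user_input (its context lines list CWE 502) sits oddly beside `severity: high` on go_lang_logger and the weak-hash rules later in this patch, and the commit message does not say how the two levels were chosen. The same `low` is given to java_lang_code_injection, java_lang_sqli, java_spring_sqli, java_lang_ldap_injection, java_lang_xpath_injection and java_lang_deserialization_of_user_input. If the field is only a starting level that the scanner may raise, a short comment above it such as `# base level; the scanner may raise it` would keep readers from triaging these findings as minor; if it is the level actually reported, the injection and deserialization rules look under-ranked and deserve a second look before merge.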
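Review bot: The `documentation_url` kept as context in the html_tag_injection hunk ends in `go_lang_missing_script_tag_sanitization`, while the rule `id` one line above it is `go_lang_html_tag_injection`; almost every other rule visible in this patch uses its own id as the last path segment. Since the commit already edits this file, consider `documentation_url: https://docs.bearer.com/reference/rules/go_lang_html_tag_injection`, assuming the docs page is generated from the id. rules/java/lang/log_injection.yml shows the same mismatch: id `java_lang_log_injection`, URL ending in `java_lang_logger`, so a finding from that rule would link to the guidance for a different rule.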
--- a/rules/go/lang/insecure_cookie.yml
+++ b/rules/go/lang/insecure_cookie.yml
@@ -70,3 +70,4 @@ metadata:
 - 614
 id: go_lang_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_insecure_cookie
+severity: low
diff --git a/rules/go/lang/insufficiently_random_values.yml b/rules/go/lang/insufficiently_random_values.yml
index 2adcec51e..e060dedd1 100644
--- a/rules/go/lang/insufficiently_random_values.yml
+++ b/rules/go/lang/insufficiently_random_values.yml
@@ -54,3 +54,4 @@ metadata:
 - 330
 id: go_lang_insufficiently_random_values
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_insufficiently_random_values
+severity: low
diff --git a/rules/go/lang/log_output_neutralization.yml b/rules/go/lang/log_output_neutralization.yml
index ce0bc7be6..da0287ec3 100644
--- a/rules/go/lang/log_output_neutralization.yml
+++ b/rules/go/lang/log_output_neutralization.yml
@@ -149,3 +149,4 @@ metadata:
 - 117
 id: go_lang_log_output_neutralization
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_log_output_neutralization
+severity: low
diff --git a/rules/go/lang/logger.yml b/rules/go/lang/logger.yml
index 7f533e7b4..f6ccd94c8 100644
--- a/rules/go/lang/logger.yml
+++ b/rules/go/lang/logger.yml
@@ -46,3 +46,4 @@ metadata:
 id: go_lang_logger
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/open_redirect.yml b/rules/go/lang/open_redirect.yml
index 75ac7697f..9f68d9a84 100644
--- a/rules/go/lang/open_redirect.yml
+++ b/rules/go/lang/open_redirect.yml
@@ -66,3 +66,4 @@ metadata:
 - 601
 id: go_lang_open_redirect
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_open_redirect
+severity: low
diff --git a/rules/go/lang/weak_hash_md5.yml b/rules/go/lang/weak_hash_md5.yml
index b48b34704..43229c6d7 100644
--- a/rules/go/lang/weak_hash_md5.yml
+++ b/rules/go/lang/weak_hash_md5.yml
@@ -59,3 +59,4 @@ metadata:
 id: go_lang_weak_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_hash_sha1.yml b/rules/go/lang/weak_hash_sha1.yml
index 4580aeedf..1397908b8 100644
--- a/rules/go/lang/weak_hash_sha1.yml
+++ b/rules/go/lang/weak_hash_sha1.yml
@@ -59,3 +59,4 @@ metadata:
 id: go_lang_weak_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_password_encryption_md5.yml b/rules/go/lang/weak_password_encryption_md5.yml
index 47984f5ff..8b5c2336e 100644
--- a/rules/go/lang/weak_password_encryption_md5.yml
+++ b/rules/go/lang/weak_password_encryption_md5.yml
@@ -48,3 +48,4 @@ metadata:
 id: go_lang_weak_password_encryption_md5
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_password_encryption_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/go/lang/weak_password_encryption_sha1.yml b/rules/go/lang/weak_password_encryption_sha1.yml
index 1cf5371fd..93927aa13 100644
--- a/rules/go/lang/weak_password_encryption_sha1.yml
+++ b/rules/go/lang/weak_password_encryption_sha1.yml
@@ -48,3 +48,4 @@ metadata:
 id: go_lang_weak_password_encryption_sha1
 documentation_url: https://docs.bearer.com/reference/rules/go_lang_weak_password_encryption_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/android/world_readable_writable_mode.yml b/rules/java/android/world_readable_writable_mode.yml
index f450709ac..dea1d87c6 100644
--- a/rules/java/android/world_readable_writable_mode.yml
+++ b/rules/java/android/world_readable_writable_mode.yml
@@ -29,3 +29,4 @@ metadata:
 - 276
 id: java_android_world_readable_writable_mode
 documentation_url: https://docs.bearer.com/reference/rules/java_android_world_readable_writable_mode
+severity: low
diff --git a/rules/java/lang/apache_commons_collection.yml b/rules/java/lang/apache_commons_collection.yml
index 7737f2e32..bfc17a538 100644
--- a/rules/java/lang/apache_commons_collection.yml
+++ b/rules/java/lang/apache_commons_collection.yml
@@ -29,3 +29,4 @@ metadata:
 - 1395
 id: java_lang_apache_commons_collection
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_apache_commons_collection
+severity: low
diff --git a/rules/java/lang/code_injection.yml b/rules/java/lang/code_injection.yml
index ab71366f2..925102cdd 100644
--- a/rules/java/lang/code_injection.yml
+++ b/rules/java/lang/code_injection.yml
@@ -49,3 +49,4 @@ metadata:
 - 94
 id: java_lang_code_injection
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_code_injection
+severity: low
diff --git a/rules/java/lang/cookie_leak.yml b/rules/java/lang/cookie_leak.yml
index c27b64898..8baed950a 100644
--- a/rules/java/lang/cookie_leak.yml
+++ b/rules/java/lang/cookie_leak.yml
@@ -28,3 +28,4 @@ metadata:
 - 315
 id: java_lang_cookie_leak
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_leak
+severity: high
diff --git a/rules/java/lang/cookie_missing_http_only.yml b/rules/java/lang/cookie_missing_http_only.yml
index 84f1ab3ae..acb6e6235 100644
--- a/rules/java/lang/cookie_missing_http_only.yml
+++ b/rules/java/lang/cookie_missing_http_only.yml
@@ -50,3 +50,4 @@ metadata:
 id: java_lang_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_missing_http_only
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/cookie_missing_secure.yml b/rules/java/lang/cookie_missing_secure.yml
index 272c54d3b..3ff2ee0bc 100644
--- a/rules/java/lang/cookie_missing_secure.yml
+++ b/rules/java/lang/cookie_missing_secure.yml
@@ -48,3 +48,4 @@ metadata:
 id: java_lang_cookie_missing_secure
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_missing_secure
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/cookie_with_http_only_false.yml b/rules/java/lang/cookie_with_http_only_false.yml
index 9178724ce..3b4c0384f 100644
--- a/rules/java/lang/cookie_with_http_only_false.yml
+++ b/rules/java/lang/cookie_with_http_only_false.yml
@@ -37,3 +37,4 @@ metadata:
 id: java_lang_cookie_with_http_only_false
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_cookie_with_http_only_false
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/crlf_injection.yml b/rules/java/lang/crlf_injection.yml
index eb79a8a36..e208d8f45 100644
--- a/rules/java/lang/crlf_injection.yml
+++ b/rules/java/lang/crlf_injection.yml
@@ -95,3 +95,4 @@ metadata:
 - 93
 id: java_lang_crlf_injection
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_crlf_injection
+severity: low
diff --git a/rules/java/lang/deserialization_of_user_input.yml b/rules/java/lang/deserialization_of_user_input.yml
index 0d8b9fbde..7b9247002 100644
--- a/rules/java/lang/deserialization_of_user_input.yml
+++ b/rules/java/lang/deserialization_of_user_input.yml
@@ -92,3 +92,4 @@ metadata:
 - 502
 id: java_lang_deserialization_of_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_deserialization_of_user_input
+severity: low
diff --git a/rules/java/lang/eval_using_user_input.yml b/rules/java/lang/eval_using_user_input.yml
index ff001973f..ce461e760 100644
--- a/rules/java/lang/eval_using_user_input.yml
+++ b/rules/java/lang/eval_using_user_input.yml
@@ -37,3 +37,4 @@ metadata:
 - 95
 id: java_lang_eval_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_eval_using_user_input
+severity: low
diff --git a/rules/java/lang/exception.yml b/rules/java/lang/exception.yml
index 187231db5..15f778c81 100644
--- a/rules/java/lang/exception.yml
+++ b/rules/java/lang/exception.yml
@@ -36,3 +36,4 @@ metadata:
 id: java_lang_exception
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_exception
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/file_upload_filename.yml b/rules/java/lang/file_upload_filename.yml
index 753e0d258..eb2b13c67 100644
--- a/rules/java/lang/file_upload_filename.yml
+++ b/rules/java/lang/file_upload_filename.yml
@@ -68,3 +68,4 @@ metadata:
 - 73
 id: java_lang_file_upload_filename
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_file_upload_filename
+severity: low
diff --git a/rules/java/lang/format_string_manipulation.yml b/rules/java/lang/format_string_manipulation.yml
index 9520a97a9..5d234327f 100644
--- a/rules/java/lang/format_string_manipulation.yml
+++ b/rules/java/lang/format_string_manipulation.yml
@@ -126,3 +126,4 @@ metadata:
 - 134
 id: java_lang_format_string_manipulation
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_format_string_manipulation
+severity: low
diff --git a/rules/java/lang/http_parameter_pollution.yml b/rules/java/lang/http_parameter_pollution.yml
index 0ff17c858..c84bc542e 100644
--- a/rules/java/lang/http_parameter_pollution.yml
+++ b/rules/java/lang/http_parameter_pollution.yml
@@ -84,3 +84,4 @@ metadata:
 - 88
 id: java_lang_http_parameter_pollution
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_http_parameter_pollution
+severity: low
diff --git a/rules/java/lang/http_url_using_user_input.yml b/rules/java/lang/http_url_using_user_input.yml
index 28f267654..ca0d6a76b 100644
--- a/rules/java/lang/http_url_using_user_input.yml
+++ b/rules/java/lang/http_url_using_user_input.yml
@@ -84,3 +84,4 @@ metadata:
 - 918
 id: java_lang_http_url_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_http_url_using_user_input
+severity: low
diff --git a/rules/java/lang/insecure_allow_origin.yml b/rules/java/lang/insecure_allow_origin.yml
index 1870f1813..e556056b1 100644
--- a/rules/java/lang/insecure_allow_origin.yml
+++ b/rules/java/lang/insecure_allow_origin.yml
@@ -47,3 +47,4 @@ metadata:
 - 346
 id: java_lang_insecure_allow_origin
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_insecure_allow_origin
+severity: low
diff --git a/rules/java/lang/insecure_cookie.yml b/rules/java/lang/insecure_cookie.yml
index 75b51dee5..6fedf962f 100644
--- a/rules/java/lang/insecure_cookie.yml
+++ b/rules/java/lang/insecure_cookie.yml
@@ -37,3 +37,4 @@ metadata:
 id: java_lang_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_insecure_cookie
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/insufficiently_random_values.yml b/rules/java/lang/insufficiently_random_values.yml
index 2ee72e4b2..76c9aa132 100644
--- a/rules/java/lang/insufficiently_random_values.yml
+++ b/rules/java/lang/insufficiently_random_values.yml
@@ -43,3 +43,4 @@ metadata:
 - 330
 id: java_lang_insufficiently_random_values
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_insufficiently_random_values
+severity: low
diff --git a/rules/java/lang/ldap_injection.yml b/rules/java/lang/ldap_injection.yml
index 7c69cef9d..10a61ed77 100644
--- a/rules/java/lang/ldap_injection.yml
+++ b/rules/java/lang/ldap_injection.yml
@@ -107,3 +107,4 @@ metadata:
 - 90
 id: java_lang_ldap_injection
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_ldap_injection
+severity: low
diff --git a/rules/java/lang/log_injection.yml b/rules/java/lang/log_injection.yml
index a5acfa249..2a7a30613 100644
--- a/rules/java/lang/log_injection.yml
+++ b/rules/java/lang/log_injection.yml
@@ -42,3 +42,4 @@ metadata: id: "java_lang_log_injection" documentation_url: https://docs.bearer.com/reference/rules/java_lang_logger
+severity: low
diff --git a/rules/java/lang/logger.yml b/rules/java/lang/logger.yml
index aeb1a762d..ad01e6186 100644
--- a/rules/java/lang/logger.yml
+++ b/rules/java/lang/logger.yml
@@ -45,3 +45,4 @@ metadata:
 id: "java_lang_logger"
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/missing_integrity_check.yml b/rules/java/lang/missing_integrity_check.yml
index 98d5ea7d3..1118079f3 100644
--- a/rules/java/lang/missing_integrity_check.yml
+++ b/rules/java/lang/missing_integrity_check.yml
@@ -35,3 +35,4 @@ metadata:
 id: java_lang_missing_integrity_check
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_missing_integrity_check
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/missing_smtp_ssl_host_check.yml b/rules/java/lang/missing_smtp_ssl_host_check.yml
index ec4593ee5..97b91b0ae 100644
--- a/rules/java/lang/missing_smtp_ssl_host_check.yml
+++ b/rules/java/lang/missing_smtp_ssl_host_check.yml
@@ -57,3 +57,4 @@ metadata:
 id: java_lang_missing_smtp_ssl_host_check
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_missing_smtp_ssl_host_check
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/padding_oracle_encryption_vulnerability.yml b/rules/java/lang/padding_oracle_encryption_vulnerability.yml
index f2afa6f8e..d43bc408f 100644
--- a/rules/java/lang/padding_oracle_encryption_vulnerability.yml
+++ b/rules/java/lang/padding_oracle_encryption_vulnerability.yml
@@ -38,3 +38,4 @@ metadata:
 - 327
 id: java_lang_padding_oracle_encryption_vulnerability
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_padding_oracle_encryption_vulnerability
+severity: low
diff --git a/rules/java/lang/path_traversal.yml b/rules/java/lang/path_traversal.yml
index 07e26fc68..f4265ad89 100644
--- a/rules/java/lang/path_traversal.yml
+++ b/rules/java/lang/path_traversal.yml
@@ -47,3 +47,4 @@ metadata:
 - 73
 id: java_lang_path_traversal
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_path_traversal
+severity: low
diff --git a/rules/java/lang/path_using_user_input.yml b/rules/java/lang/path_using_user_input.yml
index 4150fa40a..bdc3a50ba 100644
--- a/rules/java/lang/path_using_user_input.yml
+++ b/rules/java/lang/path_using_user_input.yml
@@ -87,3 +87,4 @@ metadata:
 - 73
 id: java_lang_path_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_path_using_user_input
+severity: low
diff --git a/rules/java/lang/permissive_allow_origin.yml b/rules/java/lang/permissive_allow_origin.yml
index 89bb9d8f9..17a7bff25 100644
--- a/rules/java/lang/permissive_allow_origin.yml
+++ b/rules/java/lang/permissive_allow_origin.yml
@@ -41,3 +41,4 @@ metadata:
 - 942
 id: java_lang_permissive_allow_origin
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_permissive_allow_origin
+severity: low
diff --git a/rules/java/lang/permissive_cookie_config.yml b/rules/java/lang/permissive_cookie_config.yml
index 07861250b..49d14ba88 100644
--- a/rules/java/lang/permissive_cookie_config.yml
+++ b/rules/java/lang/permissive_cookie_config.yml
@@ -42,3 +42,4 @@ metadata:
 - 693
 id: java_lang_permissive_cookie_config
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_permissive_cookie_config
+severity: low
diff --git a/rules/java/lang/reflection_using_user_input.yml b/rules/java/lang/reflection_using_user_input.yml
index 583f3e0f9..df027d7d8 100644
--- a/rules/java/lang/reflection_using_user_input.yml
+++ b/rules/java/lang/reflection_using_user_input.yml
@@ -44,3 +44,4 @@ metadata:
 - 470
 id: java_lang_reflection_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_reflection_using_user_input
+severity: low
diff --git a/rules/java/lang/regex_using_user_input.yml b/rules/java/lang/regex_using_user_input.yml
index fc13a0a96..167e56072 100644
--- a/rules/java/lang/regex_using_user_input.yml
+++ b/rules/java/lang/regex_using_user_input.yml
@@ -30,3 +30,4 @@ metadata:
 - 1287
 id: java_lang_regex_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_regex_using_user_input
+severity: low
diff --git a/rules/java/lang/rsa_no_padding.yml b/rules/java/lang/rsa_no_padding.yml
index fe981abfa..441c82e6b 100644
--- a/rules/java/lang/rsa_no_padding.yml
+++ b/rules/java/lang/rsa_no_padding.yml
@@ -29,3 +29,4 @@ metadata:
 id: "java_lang_rsa_no_padding"
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_rsa_no_padding
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/sqli.yml b/rules/java/lang/sqli.yml
index da1881794..327d40593 100644
--- a/rules/java/lang/sqli.yml
+++ b/rules/java/lang/sqli.yml
@@ -125,3 +125,4 @@ metadata:
 - 89
 id: "java_lang_sqli"
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_sqli
+severity: low
diff --git a/rules/java/lang/weak_encryption_des.yml b/rules/java/lang/weak_encryption_des.yml
index 3a3980e00..585d1d6b3 100644
--- a/rules/java/lang/weak_encryption_des.yml
+++ b/rules/java/lang/weak_encryption_des.yml
@@ -55,3 +55,4 @@ metadata:
 id: java_lang_weak_encryption_des
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_encryption_des
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_encryption_ecb_mode.yml b/rules/java/lang/weak_encryption_ecb_mode.yml
index d69012733..aa9a81e7a 100644
--- a/rules/java/lang/weak_encryption_ecb_mode.yml
+++ b/rules/java/lang/weak_encryption_ecb_mode.yml
@@ -36,3 +36,4 @@ metadata:
 id: java_lang_weak_encryption_ecb_mode
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_encryption_ecb_mode
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/java/lang/weak_hash_md5.yml b/rules/java/lang/weak_hash_md5.yml
index 5639d59ef..4012fe455 100644
--- a/rules/java/lang/weak_hash_md5.yml
+++ b/rules/java/lang/weak_hash_md5.yml
@@ -52,3 +52,4 @@ metadata:
 id: java_lang_weak_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_hash_sha1.yml b/rules/java/lang/weak_hash_sha1.yml
index dbddcaeb6..49981925a 100644
--- a/rules/java/lang/weak_hash_sha1.yml
+++ b/rules/java/lang/weak_hash_sha1.yml
@@ -52,3 +52,4 @@ metadata:
 id: java_lang_weak_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_encryption_des.yml b/rules/java/lang/weak_password_encryption_des.yml
index b10d942c3..e05a920f4 100644
--- a/rules/java/lang/weak_password_encryption_des.yml
+++ b/rules/java/lang/weak_password_encryption_des.yml
@@ -46,3 +46,4 @@ metadata:
 id: java_lang_weak_password_encryption_des
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_encryption_des
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_hash_md5.yml b/rules/java/lang/weak_password_hash_md5.yml
index caec78133..ec6d1562d 100644
--- a/rules/java/lang/weak_password_hash_md5.yml
+++ b/rules/java/lang/weak_password_hash_md5.yml
@@ -45,3 +45,4 @@ metadata:
 id: java_lang_weak_password_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/weak_password_hash_sha1.yml b/rules/java/lang/weak_password_hash_sha1.yml
index b542584ec..a3a129c6b 100644
--- a/rules/java/lang/weak_password_hash_sha1.yml
+++ b/rules/java/lang/weak_password_hash_sha1.yml
@@ -45,3 +45,4 @@ metadata:
 id: java_lang_weak_password_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_weak_password_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/java/lang/xpath_injection.yml b/rules/java/lang/xpath_injection.yml
index 20f82b3b1..cf48148fc 100644
--- a/rules/java/lang/xpath_injection.yml
+++ b/rules/java/lang/xpath_injection.yml
@@ -68,3 +68,4 @@ metadata:
 - 643
 id: "java_lang_xpath_injection"
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_xpath_injection
+severity: low
diff --git a/rules/java/lang/xss_response_writer.yml b/rules/java/lang/xss_response_writer.yml
index deff1b35c..7ed0d2062 100644
--- a/rules/java/lang/xss_response_writer.yml
+++ b/rules/java/lang/xss_response_writer.yml
@@ -83,3 +83,4 @@ metadata:
 - 79
 id: "java_lang_xss_response_writer"
 documentation_url: https://docs.bearer.com/reference/rules/java_lang_xss_response_writer
+severity: low
diff --git a/rules/java/spring/sqli.yml b/rules/java/spring/sqli.yml
index c37c6c194..776456ecb 100644
--- a/rules/java/spring/sqli.yml
+++ b/rules/java/spring/sqli.yml
@@ -111,3 +111,4 @@ metadata:
 - 89
 id: "java_spring_sqli"
 documentation_url: https://docs.bearer.com/reference/rules/java_spring_sqli
+severity: low
diff --git a/rules/java/third_parties/airbrake_javabrake.yml b/rules/java/third_parties/airbrake_javabrake.yml
index 68ecb2f7c..cf6dcf33a 100644
--- a/rules/java/third_parties/airbrake_javabrake.yml
+++ b/rules/java/third_parties/airbrake_javabrake.yml
@@ -47,3 +47,4 @@ metadata:
 associated_recipe: Airbrake
 id: java_third_parties_airbrake_javabrake
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_airbrake_javabrake
+severity: high
diff --git a/rules/java/third_parties/algolia.yml b/rules/java/third_parties/algolia.yml
index 001bbc99e..0cb714b8a 100644
--- a/rules/java/third_parties/algolia.yml
+++ b/rules/java/third_parties/algolia.yml
@@ -80,3 +80,4 @@ metadata:
 associated_recipe: Algolia
 id: java_third_parties_algolia
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_algolia
+severity: high
diff --git a/rules/java/third_parties/aws_query_injection.yml b/rules/java/third_parties/aws_query_injection.yml
index 43b0d77d0..6638f59ae 100644
--- a/rules/java/third_parties/aws_query_injection.yml
+++ b/rules/java/third_parties/aws_query_injection.yml
@@ -73,3 +73,4 @@ metadata:
 - 943
 id: java_third_parties_aws_query_injection
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_aws_query_injection
+severity: low
diff --git a/rules/java/third_parties/bugsnag.yml b/rules/java/third_parties/bugsnag.yml
index f8f8aad26..61cd995df 100644
--- a/rules/java/third_parties/bugsnag.yml
+++ b/rules/java/third_parties/bugsnag.yml
@@ -79,3 +79,4 @@ metadata:
 associated_recipe: Bugsnag
 id: java_third_parties_bugsnag
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_bugsnag
+severity: high
diff --git a/rules/java/third_parties/clickhouse.yml b/rules/java/third_parties/clickhouse.yml
index 3996fea9b..b834b9218 100644
--- a/rules/java/third_parties/clickhouse.yml
+++ b/rules/java/third_parties/clickhouse.yml
@@ -89,7 +89,6 @@ auxiliary:
 filters:
 - variable: FACTORY
 regex: \A(com\.clickhouse\.data\.)?ClickHouseDataStreamFactory\z
-
 languages:
 - java
 skip_data_types:
@@ -113,3 +112,4 @@ metadata:
 associated_recipe: ClickHouse
 id: java_third_parties_clickhouse
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_clickhouse
+severity: high
diff --git a/rules/java/third_parties/datadog.yml b/rules/java/third_parties/datadog.yml
index 52a232990..7084c207e 100644
--- a/rules/java/third_parties/datadog.yml
+++ b/rules/java/third_parties/datadog.yml
@@ -59,3 +59,4 @@ metadata:
 associated_recipe: Datadog
 id: java_third_parties_datadog
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_datadog
+severity: high
diff --git a/rules/java/third_parties/new_relic.yml b/rules/java/third_parties/new_relic.yml
index 229693521..d412e046a 100644
--- a/rules/java/third_parties/new_relic.yml
+++ b/rules/java/third_parties/new_relic.yml
@@ -42,3 +42,4 @@ metadata:
 associated_recipe: New Relic
 id: java_third_parties_new_relic
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_new_relic
+severity: high
diff --git a/rules/java/third_parties/open_telemetry.yml b/rules/java/third_parties/open_telemetry.yml
index 4f1081647..2436f251d 100644
--- a/rules/java/third_parties/open_telemetry.yml
+++ b/rules/java/third_parties/open_telemetry.yml
@@ -40,3 +40,4 @@ metadata:
 - 201
 id: java_third_parties_open_telemetry
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_open_telemetry
+severity: high
diff --git a/rules/java/third_parties/rollbar.yml b/rules/java/third_parties/rollbar.yml
index cc3b93869..7dc77257f 100644
--- a/rules/java/third_parties/rollbar.yml
+++ b/rules/java/third_parties/rollbar.yml
@@ -49,3 +49,4 @@ metadata:
 associated_recipe: Rollbar
 id: java_third_parties_rollbar
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_rollbar
+severity: high
diff --git a/rules/java/third_parties/sentry.yml b/rules/java/third_parties/sentry.yml
index 6013ce2e0..c7e4a31dd 100644
--- a/rules/java/third_parties/sentry.yml
+++ b/rules/java/third_parties/sentry.yml
@@ -84,3 +84,4 @@ metadata:
 associated_recipe: Sentry
 id: java_third_parties_sentry
 documentation_url: https://docs.bearer.com/reference/rules/java_third_parties_sentry
+severity: high
diff --git a/rules/javascript/express/cookie_missing_http_only.yml b/rules/javascript/express/cookie_missing_http_only.yml
index 2c39402a2..549ae0e61 100644
--- a/rules/javascript/express/cookie_missing_http_only.yml
+++ b/rules/javascript/express/cookie_missing_http_only.yml
@@ -46,3 +46,4 @@ metadata:
 id: javascript_express_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_cookie_missing_http_only
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/exposed_dir_listing.yml b/rules/javascript/express/exposed_dir_listing.yml
index 3c70f6236..2caf01460 100644
--- a/rules/javascript/express/exposed_dir_listing.yml
+++ b/rules/javascript/express/exposed_dir_listing.yml
@@ -19,3 +19,4 @@ metadata:
 id: "javascript_express_exposed_dir_listing"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_exposed_dir_listing
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/external_file_upload.yml b/rules/javascript/express/external_file_upload.yml
index 929a455f0..27e0882ed 100644
--- a/rules/javascript/express/external_file_upload.yml
+++ b/rules/javascript/express/external_file_upload.yml
@@ -53,3 +53,4 @@ metadata:
 - 73
 id: "javascript_express_external_file_upload"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_external_file_upload
+severity: low
diff --git a/rules/javascript/express/external_resource.yml b/rules/javascript/express/external_resource.yml
index e33dcee6a..0a4f0b84c 100644
--- a/rules/javascript/express/external_resource.yml
+++ b/rules/javascript/express/external_resource.yml
@@ -33,3 +33,4 @@ metadata:
 id: "javascript_express_external_resource"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_external_resource
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/helmet_missing.yml b/rules/javascript/express/helmet_missing.yml
index 0f6b64aef..b4428b7f1 100644
--- a/rules/javascript/express/helmet_missing.yml
+++ b/rules/javascript/express/helmet_missing.yml
@@ -110,3 +110,4 @@ metadata:
 - 693
 id: javascript_express_helmet_missing
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_helmet_missing
+severity: low
diff --git a/rules/javascript/express/https_protocol_missing.yml b/rules/javascript/express/https_protocol_missing.yml
index ac673d67f..c847e004d 100644
--- a/rules/javascript/express/https_protocol_missing.yml
+++ b/rules/javascript/express/https_protocol_missing.yml
@@ -35,3 +35,4 @@ metadata:
 id: javascript_express_https_protocol_missing
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_https_protocol_missing
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/insecure_allow_origin.yml b/rules/javascript/express/insecure_allow_origin.yml
index b99a33759..4022fb1fa 100644
--- a/rules/javascript/express/insecure_allow_origin.yml
+++ b/rules/javascript/express/insecure_allow_origin.yml
@@ -51,3 +51,4 @@ metadata:
 id: javascript_express_insecure_allow_origin
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_allow_origin
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/insecure_cookie.yml b/rules/javascript/express/insecure_cookie.yml
index f5ddc19a2..ce13e5e2c 100644
--- a/rules/javascript/express/insecure_cookie.yml
+++ b/rules/javascript/express/insecure_cookie.yml
@@ -42,3 +42,4 @@ metadata:
 id: javascript_express_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_insecure_cookie
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/reduce_fingerprint.yml b/rules/javascript/express/reduce_fingerprint.yml
index 5786016e3..d3ecdfa38 100644
--- a/rules/javascript/express/reduce_fingerprint.yml
+++ b/rules/javascript/express/reduce_fingerprint.yml
@@ -44,3 +44,4 @@ metadata:
 id: javascript_express_reduce_fingerprint
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_reduce_fingerprint
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/express/static_asset_with_session.yml b/rules/javascript/express/static_asset_with_session.yml
index a2fece41c..a28f0c94d 100644
--- a/rules/javascript/express/static_asset_with_session.yml
+++ b/rules/javascript/express/static_asset_with_session.yml
@@ -54,3 +54,4 @@ metadata:
 - 352
 id: javascript_express_static_asset_with_session
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_static_asset_with_session
+severity: low
diff --git a/rules/javascript/express/ui_redress.yml b/rules/javascript/express/ui_redress.yml
index c3079cc1f..fbf1a51bc 100644
--- a/rules/javascript/express/ui_redress.yml
+++ b/rules/javascript/express/ui_redress.yml
@@ -46,3 +46,4 @@ metadata:
 id: "javascript_express_ui_redress"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_express_ui_redress
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/lang/exception.yml b/rules/javascript/lang/exception.yml
index 8e2717bcd..17257b10b 100644
--- a/rules/javascript/lang/exception.yml
+++ b/rules/javascript/lang/exception.yml
@@ -62,3 +62,4 @@ metadata:
 id: javascript_lang_exception
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_exception
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/file_generation.yml b/rules/javascript/lang/file_generation.yml
index 2bf882ae6..257cc8fd7 100644
--- a/rules/javascript/lang/file_generation.yml
+++ b/rules/javascript/lang/file_generation.yml
@@ -34,3 +34,4 @@ metadata:
 - 313
 id: javascript_lang_file_generation
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_file_generation
+severity: high
diff --git a/rules/javascript/lang/import_using_user_input.yml b/rules/javascript/lang/import_using_user_input.yml
index e26c1d1dd..2d1859f81 100644
--- a/rules/javascript/lang/import_using_user_input.yml
+++ b/rules/javascript/lang/import_using_user_input.yml
@@ -39,3 +39,4 @@ metadata:
 - 470
 id: "javascript_lang_import_using_user_input"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_import_using_user_input
+severity: low
diff --git a/rules/javascript/lang/jwt.yml b/rules/javascript/lang/jwt.yml
index c77e24bcd..5bbc4d206 100644
--- a/rules/javascript/lang/jwt.yml
+++ b/rules/javascript/lang/jwt.yml
@@ -40,3 +40,4 @@ metadata:
 - 312
 id: javascript_lang_jwt
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_jwt
+severity: high
diff --git a/rules/javascript/lang/jwt_weak_encryption.yml b/rules/javascript/lang/jwt_weak_encryption.yml
index c0d262d34..137bee858 100644
--- a/rules/javascript/lang/jwt_weak_encryption.yml
+++ b/rules/javascript/lang/jwt_weak_encryption.yml
@@ -30,3 +30,4 @@ metadata:
 id: javascript_lang_jwt_weak_encryption
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_jwt_weak_encryption
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/lang/logger.yml b/rules/javascript/lang/logger.yml
index 074d394b3..89e0b669e 100644
--- a/rules/javascript/lang/logger.yml
+++ b/rules/javascript/lang/logger.yml
@@ -98,3 +98,4 @@ metadata:
 id: "javascript_lang_logger"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/regex_using_user_input.yml b/rules/javascript/lang/regex_using_user_input.yml
index 475b606af..c0a49b328 100644
--- a/rules/javascript/lang/regex_using_user_input.yml
+++ b/rules/javascript/lang/regex_using_user_input.yml
@@ -29,3 +29,4 @@ metadata:
 - 1287
 id: javascript_lang_regex_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_regex_using_user_input
+severity: low
diff --git a/rules/javascript/lang/session.yml b/rules/javascript/lang/session.yml
index ad417d5f0..9662e1555 100644
--- a/rules/javascript/lang/session.yml
+++ b/rules/javascript/lang/session.yml
@@ -40,3 +40,4 @@ metadata:
 - 312
 id: javascript_lang_session
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_session
+severity: high
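Review bot: `severity: low` on `javascript_lang_jwt_weak_encryption` is out of step with the other weak-cryptography rules in this commit, which are all set to `severity: high` (`javascript_lang_weak_encryption_des`, `javascript_lang_weak_encryption_rc4`, `javascript_lang_weak_hash_md5`, `javascript_lang_weak_hash_sha1`). The rule's patterns are outside the hunk, so what it matches cannot be checked here; if it flags a weak algorithm protecting tokens, the impact is on token integrity and so on authentication, which is not obviously less serious than a weak general-purpose hash. Unless the lower level is deliberate, `severity: high` would match its siblings; if it is deliberate, a one-line comment above the key giving the reason would help whoever tunes these levels later.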
diff --git a/rules/javascript/lang/weak_encryption_des.yml b/rules/javascript/lang/weak_encryption_des.yml
index fbb598002..fdb5ed6ba 100644
--- a/rules/javascript/lang/weak_encryption_des.yml
+++ b/rules/javascript/lang/weak_encryption_des.yml
@@ -49,3 +49,4 @@ metadata:
 id: javascript_lang_weak_encryption_des
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_encryption
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_encryption_rc4.yml b/rules/javascript/lang/weak_encryption_rc4.yml
index dde078533..803868de4 100644
--- a/rules/javascript/lang/weak_encryption_rc4.yml
+++ b/rules/javascript/lang/weak_encryption_rc4.yml
@@ -49,3 +49,4 @@ metadata:
 id: javascript_lang_weak_encryption_rc4
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_encryption_rc4
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_hash_md5.yml b/rules/javascript/lang/weak_hash_md5.yml
index 109d1b42e..99bc18809 100644
--- a/rules/javascript/lang/weak_hash_md5.yml
+++ b/rules/javascript/lang/weak_hash_md5.yml
@@ -119,3 +119,4 @@ metadata:
 id: javascript_lang_weak_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_hash_sha1.yml b/rules/javascript/lang/weak_hash_sha1.yml
index b220c1e71..9caba6b9b 100644
--- a/rules/javascript/lang/weak_hash_sha1.yml
+++ b/rules/javascript/lang/weak_hash_sha1.yml
@@ -92,3 +92,4 @@ metadata:
 id: javascript_lang_weak_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_password_encryption_des.yml b/rules/javascript/lang/weak_password_encryption_des.yml
index d742ea125..8584d8205 100644
--- a/rules/javascript/lang/weak_password_encryption_des.yml
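Review bot: The `documentation_url` in the context of the `weak_encryption_des.yml` hunk ends in `javascript_lang_weak_encryption`, while the rule `id` on the line above is `javascript_lang_weak_encryption_des`; every other rule visible in this commit uses its id as the last path segment. This line predates the commit, but since the metadata block is being edited anyway it is a good place to correct it to `documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_encryption_des`, so a finding links to the remediation page for the right rule. If the docs site really does publish this rule at the shorter path, a comment saying so would avoid the same question later.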
+++ b/rules/javascript/lang/weak_password_encryption_des.yml
@@ -43,3 +43,4 @@ metadata:
 id: javascript_lang_weak_password_encryption_des
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_password_encryption_des
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_password_encryption_rc4.yml b/rules/javascript/lang/weak_password_encryption_rc4.yml
index 8a424c6f5..f1312f967 100644
--- a/rules/javascript/lang/weak_password_encryption_rc4.yml
+++ b/rules/javascript/lang/weak_password_encryption_rc4.yml
@@ -43,3 +43,4 @@ metadata:
 id: javascript_lang_weak_password_encryption_rc4
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_password_encryption_rc4
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_password_hash_argon2.yml b/rules/javascript/lang/weak_password_hash_argon2.yml
index 977de99ab..ca8b3da0c 100644
--- a/rules/javascript/lang/weak_password_hash_argon2.yml
+++ b/rules/javascript/lang/weak_password_hash_argon2.yml
@@ -63,3 +63,4 @@ metadata:
 id: javascript_lang_weak_password_hash_argon2
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_password_hash_argon2
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_password_hash_md5.yml b/rules/javascript/lang/weak_password_hash_md5.yml
index 7e7fb4333..c973c4e4a 100644
--- a/rules/javascript/lang/weak_password_hash_md5.yml
+++ b/rules/javascript/lang/weak_password_hash_md5.yml
@@ -95,3 +95,4 @@ metadata:
 id: javascript_lang_weak_password_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_password_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/lang/weak_password_hash_sha1.yml b/rules/javascript/lang/weak_password_hash_sha1.yml
index f5a7cfa9e..002bd4493 100644
--- a/rules/javascript/lang/weak_password_hash_sha1.yml
+++ b/rules/javascript/lang/weak_password_hash_sha1.yml
@@ -73,3 +73,4 @@ metadata:
 id: javascript_lang_weak_password_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/javascript_lang_weak_password_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/react/google_analytics.yml b/rules/javascript/react/google_analytics.yml
index e3d8ef344..b03762fb9 100644
--- a/rules/javascript/react/google_analytics.yml
+++ b/rules/javascript/react/google_analytics.yml
@@ -29,3 +29,4 @@ metadata:
 id: "javascript_react_google_analytics"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_react_google_analytics
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/airbrake.yml b/rules/javascript/third_parties/airbrake.yml
index f98bfa155..c0ebc1278 100644
--- a/rules/javascript/third_parties/airbrake.yml
+++ b/rules/javascript/third_parties/airbrake.yml
@@ -47,3 +47,4 @@ metadata:
 id: javascript_third_parties_airbrake
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_airbrake
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/algolia.yml b/rules/javascript/third_parties/algolia.yml
index 8e4945dcd..ce5ec2775 100644
--- a/rules/javascript/third_parties/algolia.yml
+++ b/rules/javascript/third_parties/algolia.yml
@@ -73,3 +73,4 @@ metadata:
 id: javascript_third_parties_algolia
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_algolia
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/bugsnag.yml b/rules/javascript/third_parties/bugsnag.yml
index b052dd7bf..4b5c26e8a 100644
--- a/rules/javascript/third_parties/bugsnag.yml
+++ b/rules/javascript/third_parties/bugsnag.yml
@@ -82,3 +82,4 @@ metadata:
 id: javascript_third_parties_bugsnag
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_bugsnag
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/datadog.yml b/rules/javascript/third_parties/datadog.yml
index 175dfac72..4dfa95bf6 100644
--- a/rules/javascript/third_parties/datadog.yml
+++ b/rules/javascript/third_parties/datadog.yml
@@ -58,3 +58,4 @@ metadata:
 id: javascript_third_parties_datadog
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_datadog
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/datadog_browser.yml b/rules/javascript/third_parties/datadog_browser.yml
index de42db8c7..d9ac7455e 100644
--- a/rules/javascript/third_parties/datadog_browser.yml
+++ b/rules/javascript/third_parties/datadog_browser.yml
@@ -28,3 +28,4 @@ metadata:
 id: javascript_third_parties_datadog_browser
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_datadog_browser
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/javascript/third_parties/elasticsearch.yml b/rules/javascript/third_parties/elasticsearch.yml
index 4c5a915b0..9bc1149de 100644
--- a/rules/javascript/third_parties/elasticsearch.yml
+++ b/rules/javascript/third_parties/elasticsearch.yml
@@ -32,3 +32,4 @@ metadata:
 id: javascript_third_parties_elasticsearch
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_elasticsearch
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/google_analytics.yml b/rules/javascript/third_parties/google_analytics.yml
index cd82ba3a3..d30a1b914 100644
--- a/rules/javascript/third_parties/google_analytics.yml
+++ b/rules/javascript/third_parties/google_analytics.yml
@@ -40,3 +40,4 @@ metadata:
 id: javascript_third_parties_google_analytics
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_google_analytics
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/google_tag_manager.yml b/rules/javascript/third_parties/google_tag_manager.yml
index c857c4497..732ef74e1 100644
--- a/rules/javascript/third_parties/google_tag_manager.yml
+++ b/rules/javascript/third_parties/google_tag_manager.yml
@@ -52,3 +52,4 @@ metadata:
 id: javascript_third_parties_google_tag_manager
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_google_tag_manager
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/honeybadger.yml b/rules/javascript/third_parties/honeybadger.yml
index 577a63772..ac3df7dcd 100644
--- a/rules/javascript/third_parties/honeybadger.yml
+++ b/rules/javascript/third_parties/honeybadger.yml
@@ -48,3 +48,4 @@ metadata:
 id: javascript_third_parties_honeybadger
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_honeybadger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/new_relic.yml b/rules/javascript/third_parties/new_relic.yml
index 9c11490cc..ef56aeeb8 100644
--- a/rules/javascript/third_parties/new_relic.yml
+++ b/rules/javascript/third_parties/new_relic.yml
@@ -69,3 +69,4 @@ metadata:
 id: "javascript_third_parties_new_relic"
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_new_relic
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/open_telemetry.yml b/rules/javascript/third_parties/open_telemetry.yml
index e66dcfd49..bfdcb18d6 100644
--- a/rules/javascript/third_parties/open_telemetry.yml
+++ b/rules/javascript/third_parties/open_telemetry.yml
@@ -42,3 +42,4 @@ metadata:
 id: javascript_third_parties_open_telemetry
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_open_telemetry
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/openai.yml b/rules/javascript/third_parties/openai.yml
index 1657b4462..e49c80a76 100644
--- a/rules/javascript/third_parties/openai.yml
+++ b/rules/javascript/third_parties/openai.yml
@@ -34,3 +34,4 @@ metadata:
 id: javascript_third_parties_openai
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_openai
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/rollbar.yml b/rules/javascript/third_parties/rollbar.yml
index f2be105ca..58a0a96b7 100644
--- a/rules/javascript/third_parties/rollbar.yml
+++ b/rules/javascript/third_parties/rollbar.yml
@@ -47,3 +47,4 @@ metadata:
 id: javascript_third_parties_rollbar
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_rollbar
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/segment.yml b/rules/javascript/third_parties/segment.yml
index 55ad90645..d286a3b6d 100644
--- a/rules/javascript/third_parties/segment.yml
+++ b/rules/javascript/third_parties/segment.yml
@@ -47,3 +47,4 @@ metadata:
 id: javascript_third_parties_segment
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_segment
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/javascript/third_parties/sentry.yml b/rules/javascript/third_parties/sentry.yml
index 9151bb596..daa0f100c 100644
--- a/rules/javascript/third_parties/sentry.yml
+++ b/rules/javascript/third_parties/sentry.yml
@@ -54,3 +54,4 @@ metadata:
 id: javascript_third_parties_sentry
 documentation_url: https://docs.bearer.com/reference/rules/javascript_third_parties_sentry
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/cookie_missing_http_only.yml b/rules/php/lang/cookie_missing_http_only.yml
index 778a324df..b8f863c43 100644
--- a/rules/php/lang/cookie_missing_http_only.yml
+++ b/rules/php/lang/cookie_missing_http_only.yml
@@ -87,3 +87,4 @@ metadata:
 id: php_lang_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_cookie_missing_http_only
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/lang/cookies.yml b/rules/php/lang/cookies.yml
index bd094a906..f3b55c772 100644
--- a/rules/php/lang/cookies.yml
+++ b/rules/php/lang/cookies.yml
@@ -32,3 +32,4 @@ metadata:
 id: php_lang_cookies
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_cookies
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/exception.yml b/rules/php/lang/exception.yml
index 2b0a51191..7d150ec63 100644
--- a/rules/php/lang/exception.yml
+++ b/rules/php/lang/exception.yml
@@ -45,3 +45,4 @@ metadata:
 id: php_lang_exception
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_exception
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/file_generation.yml b/rules/php/lang/file_generation.yml
index 65328a2b6..908ae5696 100644
--- a/rules/php/lang/file_generation.yml
+++ b/rules/php/lang/file_generation.yml
@@ -36,3 +36,4 @@ metadata:
 - 313
 id: php_lang_file_generation
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_file_generation
+severity: high
diff --git a/rules/php/lang/http_url_using_sensitive_data.yml b/rules/php/lang/http_url_using_sensitive_data.yml
index 4b5e0bbab..2937855f0 100644
--- a/rules/php/lang/http_url_using_sensitive_data.yml
+++ b/rules/php/lang/http_url_using_sensitive_data.yml
@@ -496,3 +496,4 @@ metadata:
 - 598
 id: php_lang_http_url_using_sensitive_data
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_http_url_using_sensitive_data
+severity: high
diff --git a/rules/php/lang/insecure_allow_origin.yml b/rules/php/lang/insecure_allow_origin.yml
index bc7cb6932..aed7197c2 100644
--- a/rules/php/lang/insecure_allow_origin.yml
+++ b/rules/php/lang/insecure_allow_origin.yml
@@ -28,3 +28,4 @@ metadata:
 - 346
 id: php_lang_insecure_allow_origin
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_insecure_allow_origin
+severity: low
diff --git a/rules/php/lang/insecure_cookie.yml b/rules/php/lang/insecure_cookie.yml
index 66f7a6a0a..456f575ff 100644
--- a/rules/php/lang/insecure_cookie.yml
+++ b/rules/php/lang/insecure_cookie.yml
@@ -84,3 +84,4 @@ metadata:
 id: php_lang_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_insecure_cookie
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/lang/jwt.yml b/rules/php/lang/jwt.yml
index 9383ee382..ab86941a5 100644
--- a/rules/php/lang/jwt.yml
+++ b/rules/php/lang/jwt.yml
@@ -41,3 +41,4 @@ metadata:
 - 315
 id: php_lang_jwt
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_jwt
+severity: high
diff --git a/rules/php/lang/logger.yml b/rules/php/lang/logger.yml
index 0b4982d7f..b6daa2ee9 100644
--- a/rules/php/lang/logger.yml
+++ b/rules/php/lang/logger.yml
@@ -39,3 +39,4 @@ metadata:
 id: php_lang_logger
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/raw_output_using_user_input.yml b/rules/php/lang/raw_output_using_user_input.yml
index 4b4a71bd4..cfee5834b 100644
--- a/rules/php/lang/raw_output_using_user_input.yml
+++ b/rules/php/lang/raw_output_using_user_input.yml
@@ -56,3 +56,4 @@ metadata:
 - 79
 id: php_lang_raw_output_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_raw_output_using_user_input
+severity: low
diff --git a/rules/php/lang/regex_using_user_input.yml b/rules/php/lang/regex_using_user_input.yml
index 672562361..186a0e226 100644
--- a/rules/php/lang/regex_using_user_input.yml
+++ b/rules/php/lang/regex_using_user_input.yml
@@ -64,3 +64,4 @@ metadata:
 - 1287
 id: php_lang_regex_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_regex_using_user_input
+severity: low
diff --git a/rules/php/lang/ui_redress.yml b/rules/php/lang/ui_redress.yml
index 113cea916..5208ad62f 100644
--- a/rules/php/lang/ui_redress.yml
+++ b/rules/php/lang/ui_redress.yml
@@ -34,3 +34,4 @@ metadata:
 id: "php_lang_ui_redress"
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_ui_redress
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/lang/weak_hash_adler32.yml b/rules/php/lang/weak_hash_adler32.yml
index 40e4f90ee..9d6273532 100644
--- a/rules/php/lang/weak_hash_adler32.yml
+++ b/rules/php/lang/weak_hash_adler32.yml
@@ -52,3 +52,4 @@ metadata:
 - 328
 id: php_lang_weak_hash_adler32
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_hash_adler32
+severity: low
diff --git a/rules/php/lang/weak_hash_crc32.yml b/rules/php/lang/weak_hash_crc32.yml
index 459629227..a3486f041 100644
--- a/rules/php/lang/weak_hash_crc32.yml
+++ b/rules/php/lang/weak_hash_crc32.yml
@@ -55,3 +55,4 @@ metadata:
 - 328
 id: php_lang_weak_hash_crc32
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_hash_crc32
+severity: low
diff --git a/rules/php/lang/weak_hash_md.yml b/rules/php/lang/weak_hash_md.yml
index ee995a962..50261e06d 100644
--- a/rules/php/lang/weak_hash_md.yml
+++ b/rules/php/lang/weak_hash_md.yml
@@ -91,3 +91,4 @@ metadata:
 id: php_lang_weak_hash_md
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_hash_md
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/weak_hash_sha1.yml b/rules/php/lang/weak_hash_sha1.yml
index 7f373feab..76bbf8e96 100644
--- a/rules/php/lang/weak_hash_sha1.yml
+++ b/rules/php/lang/weak_hash_sha1.yml
@@ -91,3 +91,4 @@ metadata:
 id: php_lang_weak_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/weak_password_hash_md.yml b/rules/php/lang/weak_password_hash_md.yml
index 236135b6e..54868bc71 100644
--- a/rules/php/lang/weak_password_hash_md.yml
+++ b/rules/php/lang/weak_password_hash_md.yml
@@ -65,3 +65,4 @@ metadata:
 id: php_lang_weak_password_hash_md
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_password_hash_md
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/weak_password_hash_sha1.yml b/rules/php/lang/weak_password_hash_sha1.yml
index e4069414c..80bfa4207 100644
--- a/rules/php/lang/weak_password_hash_sha1.yml
+++ b/rules/php/lang/weak_password_hash_sha1.yml
@@ -65,3 +65,4 @@ metadata:
 id: php_lang_weak_password_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_weak_password_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/lang/xpath_injection.yml b/rules/php/lang/xpath_injection.yml
index 71136cacd..53e5f4204 100644
--- a/rules/php/lang/xpath_injection.yml
+++ b/rules/php/lang/xpath_injection.yml
@@ -64,3 +64,4 @@ metadata:
 - 643
 id: php_lang_xpath_injection
 documentation_url: https://docs.bearer.com/reference/rules/php_lang_xpath_injection
+severity: low
diff --git a/rules/php/symfony/cookie_missing_http_only.yml b/rules/php/symfony/cookie_missing_http_only.yml
index 784d02f39..a91f01b78 100644
--- a/rules/php/symfony/cookie_missing_http_only.yml
+++ b/rules/php/symfony/cookie_missing_http_only.yml
@@ -85,3 +85,4 @@ metadata:
 id: php_symfony_cookie_missing_http_only
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_cookie_missing_http_only
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/symfony/cookies.yml b/rules/php/symfony/cookies.yml
index d0e7da0c1..ba37556d3 100644
--- a/rules/php/symfony/cookies.yml
+++ b/rules/php/symfony/cookies.yml
@@ -38,3 +38,4 @@ metadata:
 id: php_symfony_cookies
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_cookies
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/symfony/insecure_allow_origin.yml b/rules/php/symfony/insecure_allow_origin.yml
index 8a51911f8..d7292ce6c 100644
--- a/rules/php/symfony/insecure_allow_origin.yml
+++ b/rules/php/symfony/insecure_allow_origin.yml
@@ -49,3 +49,4 @@ metadata:
 - 346
 id: php_symfony_insecure_allow_origin
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_insecure_allow_origin
+severity: low
diff --git a/rules/php/symfony/insecure_cookie.yml b/rules/php/symfony/insecure_cookie.yml
index 4d6100701..80030b29a 100644
--- a/rules/php/symfony/insecure_cookie.yml
+++ b/rules/php/symfony/insecure_cookie.yml
@@ -83,3 +83,4 @@ metadata:
 id: php_symfony_insecure_cookie
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_insecure_cookie
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/symfony/insecure_smtp.yml b/rules/php/symfony/insecure_smtp.yml
index 407c7d297..88c0149f6 100644
--- a/rules/php/symfony/insecure_smtp.yml
+++ b/rules/php/symfony/insecure_smtp.yml
@@ -29,3 +29,4 @@ metadata:
 id: php_symfony_insecure_smtp
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_insecure_smtp
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/symfony/permissive_regex_validation.yml b/rules/php/symfony/permissive_regex_validation.yml
index f9d6b1b17..ebd5be052 100644
--- a/rules/php/symfony/permissive_regex_validation.yml
+++ b/rules/php/symfony/permissive_regex_validation.yml
@@ -87,3 +87,4 @@ metadata:
 id: php_symfony_permissive_regex_validation
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_permissive_regex_validation
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/symfony/ui_redress.yml b/rules/php/symfony/ui_redress.yml
index 873a7e3c6..cccacef01 100644
--- a/rules/php/symfony/ui_redress.yml
+++ b/rules/php/symfony/ui_redress.yml
@@ -54,3 +54,4 @@ metadata:
 id: "php_symfony_ui_redress"
 documentation_url: https://docs.bearer.com/reference/rules/php_symfony_ui_redress
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/php/third_parties/airbrake.yml b/rules/php/third_parties/airbrake.yml
index eaba86dc2..3d196c6e7 100644
--- a/rules/php/third_parties/airbrake.yml
+++ b/rules/php/third_parties/airbrake.yml
@@ -64,3 +64,4 @@ metadata:
 associated_recipe: Airbrake
 id: php_third_parties_airbrake
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_airbrake
+severity: high
diff --git a/rules/php/third_parties/algolia.yml b/rules/php/third_parties/algolia.yml
index 287ba2991..a9cd7403c 100644
--- a/rules/php/third_parties/algolia.yml
+++ b/rules/php/third_parties/algolia.yml
@@ -63,3 +63,4 @@ metadata:
 associated_recipe: Algolia
 id: php_third_parties_algolia
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_algolia
+severity: high
diff --git a/rules/php/third_parties/bigquery.yml b/rules/php/third_parties/bigquery.yml
index 4365246fc..899f9977b 100644
--- a/rules/php/third_parties/bigquery.yml
+++ b/rules/php/third_parties/bigquery.yml
@@ -63,3 +63,4 @@ metadata:
 associated_recipe: Google Cloud BigQuery
 id: php_third_parties_bigquery
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_bigquery
+severity: high
diff --git a/rules/php/third_parties/bugsnag.yml b/rules/php/third_parties/bugsnag.yml
index 2acad66ec..c96b95672 100644
--- a/rules/php/third_parties/bugsnag.yml
+++ b/rules/php/third_parties/bugsnag.yml
@@ -77,3 +77,4 @@ metadata:
 associated_recipe: Bugsnag
 id: php_third_parties_bugsnag
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_bugsnag
+severity: high
diff --git a/rules/php/third_parties/clickhouse.yml b/rules/php/third_parties/clickhouse.yml
index b814a7e75..3bf4402c4 100644
--- a/rules/php/third_parties/clickhouse.yml
+++ b/rules/php/third_parties/clickhouse.yml
@@ -37,3 +37,4 @@ metadata:
 associated_recipe: ClickHouse
 id: php_third_parties_clickhouse
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_clickhouse
+severity: high
diff --git a/rules/php/third_parties/datadog.yml b/rules/php/third_parties/datadog.yml
index 2f862ea09..105908447 100644
--- a/rules/php/third_parties/datadog.yml
+++ b/rules/php/third_parties/datadog.yml
@@ -47,7 +47,8 @@ auxiliary:
 - \DDTrace\trace_function($<_>, function($$$<...>) {})
 - \DDTrace\trace_function($<_>, [$<_> => function($$$<...>) {}])
 - \DDTrace\trace_method($<_>, $<_>, function($$$<...>) {})
- - \DDTrace\trace_method($<_>, $<_>, [$<_> => function($$$<...>) {}])
+ - \DDTrace\trace_method($<_>, $<_>, [$<_> => function($$$<...>)
+ {}])
 - pattern: \DDTrace\$()
 filters:
 - variable: FUNCTION
@@ -105,3 +106,4 @@ metadata:
 associated_recipe: Datadog
 id: php_third_parties_datadog
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_datadog
+severity: high
diff --git a/rules/php/third_parties/elasticsearch.yml b/rules/php/third_parties/elasticsearch.yml
index e549d04b7..1e5c9d320 100644
--- a/rules/php/third_parties/elasticsearch.yml
+++ b/rules/php/third_parties/elasticsearch.yml
@@ -65,3 +65,4 @@ metadata:
 associated_recipe: Elasticsearch
 id: php_third_parties_elasticsearch
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_elasticsearch
+severity: high
diff --git a/rules/php/third_parties/honeybadger.yml b/rules/php/third_parties/honeybadger.yml
index 623d481f5..fecf96329 100644
--- a/rules/php/third_parties/honeybadger.yml
+++ b/rules/php/third_parties/honeybadger.yml
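Review bot: The first datadog.yml hunk re-wraps the last `\DDTrace\trace_method` pattern so that `{}])` lands on a continuation line, a change unrelated to adding severity that looks like formatter output. YAML folds a multi-line plain scalar back into one string joined by a single space, so the pattern probably still parses to the same value, but that depends on the continuation indent, which cannot be recovered from this view. Keep the entry on one line as before, `- \DDTrace\trace_method($<_>, $<_>, [$<_> => function($$$<...>) {}])`, so that what the matcher receives does not hinge on folding rules. The pattern list begins above the hunk.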
@@ -53,3 +53,4 @@ metadata:
 associated_recipe: Honeybadger
 id: php_third_parties_honeybadger
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_honeybadger
+severity: high
diff --git a/rules/php/third_parties/logger.yml b/rules/php/third_parties/logger.yml
index 80f5cea9f..1f09c95a7 100644
--- a/rules/php/third_parties/logger.yml
+++ b/rules/php/third_parties/logger.yml
@@ -56,3 +56,4 @@ metadata:
 id: php_third_parties_logger
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/php/third_parties/new_relic.yml b/rules/php/third_parties/new_relic.yml
index ca07fc99a..31172dbed 100644
--- a/rules/php/third_parties/new_relic.yml
+++ b/rules/php/third_parties/new_relic.yml
@@ -38,3 +38,4 @@ metadata:
 associated_recipe: New Relic
 id: php_third_parties_new_relic
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_new_relic
+severity: high
diff --git a/rules/php/third_parties/open_telemetry.yml b/rules/php/third_parties/open_telemetry.yml
index a5558fd15..a11a33aa0 100644
--- a/rules/php/third_parties/open_telemetry.yml
+++ b/rules/php/third_parties/open_telemetry.yml
@@ -64,3 +64,4 @@ metadata:
 - 201
 id: php_third_parties_open_telemetry
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_open_telemetry
+severity: high
diff --git a/rules/php/third_parties/rollbar.yml b/rules/php/third_parties/rollbar.yml
index c996ecaff..7f1c64125 100644
--- a/rules/php/third_parties/rollbar.yml
+++ b/rules/php/third_parties/rollbar.yml
@@ -55,3 +55,4 @@ metadata:
 associated_recipe: Rollbar
 id: php_third_parties_rollbar
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_rollbar
+severity: high
diff --git a/rules/php/third_parties/scout_apm.yml b/rules/php/third_parties/scout_apm.yml
index c9ce6ceaf..899db9b9c 100644
--- a/rules/php/third_parties/scout_apm.yml
+++ b/rules/php/third_parties/scout_apm.yml
@@ -63,3 +63,4 @@ metadata:
 associated_recipe: Scout APM
 id: php_third_parties_scout_apm
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_scout_apm
+severity: high
diff --git a/rules/php/third_parties/segment.yml b/rules/php/third_parties/segment.yml
index 10b34bda4..0d65b5f99 100644
--- a/rules/php/third_parties/segment.yml
+++ b/rules/php/third_parties/segment.yml
@@ -39,3 +39,4 @@ metadata:
 associated_recipe: Segment
 id: php_third_parties_segment
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_segment
+severity: high
diff --git a/rules/php/third_parties/sentry.yml b/rules/php/third_parties/sentry.yml
index 4931a9265..ae4c7cf8c 100644
--- a/rules/php/third_parties/sentry.yml
+++ b/rules/php/third_parties/sentry.yml
@@ -73,3 +73,4 @@ metadata:
 associated_recipe: Sentry
 id: php_third_parties_sentry
 documentation_url: https://docs.bearer.com/reference/rules/php_third_parties_sentry
+severity: high
diff --git a/rules/python/lang/logger.yml b/rules/python/lang/logger.yml
index d9c7a61e9..663f09057 100644
--- a/rules/python/lang/logger.yml
+++ b/rules/python/lang/logger.yml
@@ -43,3 +43,4 @@ metadata:
 id: python_lang_logger
 documentation_url: https://docs.bearer.com/reference/rules/python_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/python/lang/weak_hash_md5.yml b/rules/python/lang/weak_hash_md5.yml
index d3c909b33..8768a1ed2 100644
--- a/rules/python/lang/weak_hash_md5.yml
+++ b/rules/python/lang/weak_hash_md5.yml
@@ -59,3 +59,4 @@ metadata:
 id: python_lang_weak_hash_md5
 documentation_url: https://docs.bearer.com/reference/rules/python_lang_weak_hash_md5
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/python/lang/weak_hash_sha1.yml b/rules/python/lang/weak_hash_sha1.yml
index a00925901..4b8d57518 100644
--- a/rules/python/lang/weak_hash_sha1.yml
+++ b/rules/python/lang/weak_hash_sha1.yml
@@ -59,3 +59,4 @@ metadata:
 id: python_lang_weak_hash_sha1
 documentation_url: https://docs.bearer.com/reference/rules/python_lang_weak_hash_sha1
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/python/lang/weak_password_encryption_md5.yml b/rules/python/lang/weak_password_encryption_md5.yml
index 07cfd530b..eec8b3d06 100644
--- a/rules/python/lang/weak_password_encryption_md5.yml
+++ b/rules/python/lang/weak_password_encryption_md5.yml
@@ -47,3 +47,4 @@ metadata:
 - 326
 id: python_lang_weak_password_encryption_md5
 documentation_url: https://docs.bearer.com/reference/rules/python_lang_weak_password_encryption_md5
+severity: high
diff --git a/rules/python/lang/weak_password_encryption_sha1.yml b/rules/python/lang/weak_password_encryption_sha1.yml
index ae23f9c4e..a57414865 100644
--- a/rules/python/lang/weak_password_encryption_sha1.yml
+++ b/rules/python/lang/weak_password_encryption_sha1.yml
@@ -47,3 +47,4 @@ metadata:
 - 326
 id: python_lang_weak_password_encryption_sha1
 documentation_url: https://docs.bearer.com/reference/rules/python_lang_weak_password_encryption_sha1
+severity: high
diff --git a/rules/ruby/lang/cookies.yml b/rules/ruby/lang/cookies.yml
index 5c4188891..c189707e8 100644
--- a/rules/ruby/lang/cookies.yml
+++ b/rules/ruby/lang/cookies.yml
@@ -61,3 +61,4 @@ metadata:
 id: ruby_lang_cookies
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_cookies
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/exception.yml b/rules/ruby/lang/exception.yml
index 188151aaa..046f2e5cf 100644
--- a/rules/ruby/lang/exception.yml
+++ b/rules/ruby/lang/exception.yml
@@ -36,3 +36,4 @@ metadata:
 id: ruby_lang_exception
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_exception
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/file_generation.yml b/rules/ruby/lang/file_generation.yml
index 04917c4d4..66b5ea208 100644
--- a/rules/ruby/lang/file_generation.yml
+++ b/rules/ruby/lang/file_generation.yml
@@ -69,3 +69,4 @@ metadata:
 - 313
 id: ruby_lang_file_generation
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_file_generation
+severity: high
diff --git a/rules/ruby/lang/http_get_params.yml b/rules/ruby/lang/http_get_params.yml
index aac5ceb82..05b82ff80 100644
--- a/rules/ruby/lang/http_get_params.yml
+++ b/rules/ruby/lang/http_get_params.yml
@@ -80,3 +80,4 @@ metadata:
 id: ruby_lang_http_get_params
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_http_get_params
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/jwt.yml b/rules/ruby/lang/jwt.yml
index 1b2a54cb9..2c202f916 100644
--- a/rules/ruby/lang/jwt.yml
+++ b/rules/ruby/lang/jwt.yml
@@ -35,3 +35,4 @@ metadata:
 - 315
 id: ruby_lang_jwt
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_jwt
+severity: high
diff --git a/rules/ruby/lang/logger.yml b/rules/ruby/lang/logger.yml
index 85ba97817..a79456cd5 100644
--- a/rules/ruby/lang/logger.yml
+++ b/rules/ruby/lang/logger.yml
@@ -47,3 +47,4 @@ metadata:
 id: ruby_lang_logger
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/regex_using_user_input.yml b/rules/ruby/lang/regex_using_user_input.yml
index b6aec3140..65317d536 100644
--- a/rules/ruby/lang/regex_using_user_input.yml
+++ b/rules/ruby/lang/regex_using_user_input.yml
@@ -59,3 +59,4 @@ metadata:
 - 1287
 id: ruby_lang_regex_using_user_input
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_regex_using_user_input
+severity: low
diff --git a/rules/ruby/lang/weak_encryption_blowfish.yml b/rules/ruby/lang/weak_encryption_blowfish.yml
index 479354c95..b4799a710 100644
--- a/rules/ruby/lang/weak_encryption_blowfish.yml
+++ b/rules/ruby/lang/weak_encryption_blowfish.yml
@@ -92,3 +92,4 @@ metadata:
 id: ruby_lang_weak_encryption_blowfish
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_encryption_blowfish
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_encryption_dsa.yml b/rules/ruby/lang/weak_encryption_dsa.yml
index ec290e566..a6fbaed75 100644
--- a/rules/ruby/lang/weak_encryption_dsa.yml
+++ b/rules/ruby/lang/weak_encryption_dsa.yml
@@ -55,3 +55,4 @@ metadata:
 id: ruby_lang_weak_encryption_dsa
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_encryption_dsa
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_encryption_rc4.yml b/rules/ruby/lang/weak_encryption_rc4.yml
index 5f78575cf..50866873f 100644
--- a/rules/ruby/lang/weak_encryption_rc4.yml
+++ b/rules/ruby/lang/weak_encryption_rc4.yml
@@ -55,3 +55,4 @@ metadata:
 id: ruby_lang_weak_encryption_rc4
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_encryption_rc4
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_encryption_rsa.yml b/rules/ruby/lang/weak_encryption_rsa.yml
index 6a0bceb9a..2375402eb 100644
--- a/rules/ruby/lang/weak_encryption_rsa.yml
+++ b/rules/ruby/lang/weak_encryption_rsa.yml
@@ -55,3 +55,4 @@ metadata:
 id: ruby_lang_weak_encryption_rsa
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_encryption_rsa
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_hash_dss.yml b/rules/ruby/lang/weak_hash_dss.yml
index e8474466a..c56f0f7ee 100644
--- a/rules/ruby/lang/weak_hash_dss.yml
+++ b/rules/ruby/lang/weak_hash_dss.yml
@@ -106,3 +106,4 @@ metadata:
 id: ruby_lang_weak_hash_dss
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_hash_dss
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_hash_md.yml b/rules/ruby/lang/weak_hash_md.yml
index 83f8bac09..7a762395d 100644
--- a/rules/ruby/lang/weak_hash_md.yml
+++ b/rules/ruby/lang/weak_hash_md.yml
@@ -121,3 +121,4 @@ metadata:
 id: ruby_lang_weak_hash_md
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_hash_md
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_hash_sha.yml b/rules/ruby/lang/weak_hash_sha.yml
index 5776bf17a..0e759c188 100644
--- a/rules/ruby/lang/weak_hash_sha.yml
+++ b/rules/ruby/lang/weak_hash_sha.yml
@@ -122,3 +122,4 @@ metadata:
 id: ruby_lang_weak_hash_sha
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_hash_sha
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_encryption_blowfish.yml b/rules/ruby/lang/weak_password_encryption_blowfish.yml
index ad78026c1..b4e7f0bda 100644
--- a/rules/ruby/lang/weak_password_encryption_blowfish.yml
+++ b/rules/ruby/lang/weak_password_encryption_blowfish.yml
@@ -79,3 +79,4 @@ metadata:
 id: ruby_lang_weak_password_encryption_blowfish
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_encryption_blowfish
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_encryption_dsa.yml b/rules/ruby/lang/weak_password_encryption_dsa.yml
index 95b0ea75b..b62cb0ebf 100644
--- a/rules/ruby/lang/weak_password_encryption_dsa.yml
+++ b/rules/ruby/lang/weak_password_encryption_dsa.yml
@@ -52,3 +52,4 @@ metadata:
 id: ruby_lang_weak_password_encryption_dsa
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_encryption_dsa
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_encryption_rc4.yml b/rules/ruby/lang/weak_password_encryption_rc4.yml
index 580f5852b..00d518630 100644
--- a/rules/ruby/lang/weak_password_encryption_rc4.yml
+++ b/rules/ruby/lang/weak_password_encryption_rc4.yml
@@ -52,3 +52,4 @@ metadata:
 id: ruby_lang_weak_password_encryption_rc4
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_encryption_rc4
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_encryption_rsa.yml b/rules/ruby/lang/weak_password_encryption_rsa.yml
index 5762c9742..0dda758a0 100644
--- a/rules/ruby/lang/weak_password_encryption_rsa.yml
+++ b/rules/ruby/lang/weak_password_encryption_rsa.yml
@@ -50,3 +50,4 @@ metadata:
 id: ruby_lang_weak_password_encryption_rsa
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_encryption_rsa
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_hash_dss.yml b/rules/ruby/lang/weak_password_hash_dss.yml
index 601b4b042..28fa64447 100644
--- a/rules/ruby/lang/weak_password_hash_dss.yml
+++ b/rules/ruby/lang/weak_password_hash_dss.yml
@@ -81,3 +81,4 @@ metadata:
 id: ruby_lang_weak_password_hash_dss
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_hash_dss
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_hash_md.yml b/rules/ruby/lang/weak_password_hash_md.yml
index 747dbb01a..43901a7b7 100644
--- a/rules/ruby/lang/weak_password_hash_md.yml
+++ b/rules/ruby/lang/weak_password_hash_md.yml
@@ -91,3 +91,4 @@ metadata:
 id: ruby_lang_weak_password_hash_md
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_hash_md
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/lang/weak_password_hash_sha.yml b/rules/ruby/lang/weak_password_hash_sha.yml
index 8720c2853..701201c67 100644
--- a/rules/ruby/lang/weak_password_hash_sha.yml
+++ b/rules/ruby/lang/weak_password_hash_sha.yml
@@ -91,3 +91,4 @@ metadata:
 id: ruby_lang_weak_password_hash_sha
 documentation_url: https://docs.bearer.com/reference/rules/ruby_lang_weak_password_hash_sha
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/rails/insecure_disabling_of_callback.yml b/rules/ruby/rails/insecure_disabling_of_callback.yml
index c20575cba..ecab7e35f 100644
--- a/rules/ruby/rails/insecure_disabling_of_callback.yml
+++ b/rules/ruby/rails/insecure_disabling_of_callback.yml
@@ -35,3 +35,4 @@ metadata:
 id: ruby_rails_insecure_disabling_of_callback
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_insecure_disabling_of_callback
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/ruby/rails/insecure_http_password.yml b/rules/ruby/rails/insecure_http_password.yml
index ab54ce464..388964fa1 100644
--- a/rules/ruby/rails/insecure_http_password.yml
+++ b/rules/ruby/rails/insecure_http_password.yml
@@ -28,3 +28,4 @@ metadata:
 cwe_id:
 - 259
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_insecure_http_password
+severity: low
diff --git a/rules/ruby/rails/insecure_smtp.yml b/rules/ruby/rails/insecure_smtp.yml
index 8fbe47eba..1efcb90c7 100644
--- a/rules/ruby/rails/insecure_smtp.yml
+++ b/rules/ruby/rails/insecure_smtp.yml
@@ -38,3 +38,4 @@ metadata:
 id: ruby_rails_insecure_smtp
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_insecure_smtp
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/ruby/rails/logger.yml b/rules/ruby/rails/logger.yml
index c8555a79c..38c246b15 100644
--- a/rules/ruby/rails/logger.yml
+++ b/rules/ruby/rails/logger.yml
@@ -45,3 +45,4 @@ metadata:
 id: ruby_rails_logger
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_logger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/rails/permissive_regex_validation.yml b/rules/ruby/rails/permissive_regex_validation.yml
index 7389d6bf0..b6092eebd 100644
--- a/rules/ruby/rails/permissive_regex_validation.yml
+++ b/rules/ruby/rails/permissive_regex_validation.yml
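Review bot: In rules/ruby/rails/insecure_http_password.yml the context lists `cwe_id:` `- 259` (use of a hard-coded password), yet the rule is assigned `severity: low`. A credential committed to source is usually triaged above a configuration-hardening finding, and the weak-password-hash rules in this same patch are `severity: high`. Consider `severity: high` here, or a comment above the key stating why low is intended for this rule. The rule's patterns are outside the hunk, so what exactly it matches cannot be checked from this view.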
@@ -54,3 +54,4 @@ metadata:
 id: ruby_rails_permissive_regex_validation
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_permissive_regex_validation
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/ruby/rails/session.yml b/rules/ruby/rails/session.yml
index 64c97d024..34038c422 100644
--- a/rules/ruby/rails/session.yml
+++ b/rules/ruby/rails/session.yml
@@ -34,3 +34,4 @@ metadata:
 id: ruby_rails_session
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_session
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/rails/session_with_httponly_disabled.yml b/rules/ruby/rails/session_with_httponly_disabled.yml
index 6ab9242f0..017ed6d80 100644
--- a/rules/ruby/rails/session_with_httponly_disabled.yml
+++ b/rules/ruby/rails/session_with_httponly_disabled.yml
@@ -27,3 +27,4 @@ metadata:
 id: ruby_rails_session_with_httponly_disabled
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_session_with_httponly_disabled
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/ruby/rails/unsafe_cookie_serialization_strategy.yml b/rules/ruby/rails/unsafe_cookie_serialization_strategy.yml
index d1ad99388..22ec086c9 100644
--- a/rules/ruby/rails/unsafe_cookie_serialization_strategy.yml
+++ b/rules/ruby/rails/unsafe_cookie_serialization_strategy.yml
@@ -34,3 +34,4 @@ metadata:
 id: ruby_rails_unsafe_cookie_serialization_strategy
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_unsafe_cookie_serialization_strategy
 cloud_code_suggestions: true
+severity: low
diff --git a/rules/ruby/rails/weak_custom_key.yml b/rules/ruby/rails/weak_custom_key.yml
index f5dc3cf46..9b4fe31b7 100644
--- a/rules/ruby/rails/weak_custom_key.yml
+++ b/rules/ruby/rails/weak_custom_key.yml
@@ -29,3 +29,4 @@ metadata:
 - 326
 id: ruby_rails_weak_custom_key
 documentation_url: https://docs.bearer.com/reference/rules/ruby_rails_weak_custom_key
+severity: low
diff --git a/rules/ruby/third_parties/airbrake.yml b/rules/ruby/third_parties/airbrake.yml
index 31db867af..ea9f4d88f 100644
--- a/rules/ruby/third_parties/airbrake.yml
+++ b/rules/ruby/third_parties/airbrake.yml
@@ -75,3 +75,4 @@ metadata:
 id: ruby_third_parties_airbrake
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_airbrake
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/algolia.yml b/rules/ruby/third_parties/algolia.yml
index c0aeb3e91..89445dcce 100644
--- a/rules/ruby/third_parties/algolia.yml
+++ b/rules/ruby/third_parties/algolia.yml
@@ -51,3 +51,4 @@ metadata:
 id: ruby_third_parties_algolia
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_algolia
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/bigquery.yml b/rules/ruby/third_parties/bigquery.yml
index d0d888302..dbd89a33e 100644
--- a/rules/ruby/third_parties/bigquery.yml
+++ b/rules/ruby/third_parties/bigquery.yml
@@ -87,3 +87,4 @@ metadata:
 id: ruby_third_parties_bigquery
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_bigquery
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/bugsnag.yml b/rules/ruby/third_parties/bugsnag.yml
index aa26711c9..2cbb7c95b 100644
--- a/rules/ruby/third_parties/bugsnag.yml
+++ b/rules/ruby/third_parties/bugsnag.yml
@@ -55,3 +55,4 @@ metadata:
 id: ruby_third_parties_bugsnag
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_bugsnag
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/clickhouse.yml b/rules/ruby/third_parties/clickhouse.yml
index e1ea05199..1c7de9d21 100644
--- a/rules/ruby/third_parties/clickhouse.yml
+++ b/rules/ruby/third_parties/clickhouse.yml
@@ -37,3 +37,4 @@ metadata:
 id: ruby_third_parties_clickhouse
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_clickhouse
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/datadog.yml b/rules/ruby/third_parties/datadog.yml
index 76979860c..2651a719b 100644
--- a/rules/ruby/third_parties/datadog.yml
+++ b/rules/ruby/third_parties/datadog.yml
@@ -56,3 +56,4 @@ metadata:
 id: ruby_third_parties_datadog
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_datadog
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/elasticsearch.yml b/rules/ruby/third_parties/elasticsearch.yml
index 1bfcee803..ad68287a7 100644
--- a/rules/ruby/third_parties/elasticsearch.yml
+++ b/rules/ruby/third_parties/elasticsearch.yml
@@ -57,3 +57,4 @@ metadata:
 id: ruby_third_parties_elasticsearch
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_elasticsearch
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/google_analytics.yml b/rules/ruby/third_parties/google_analytics.yml
index 937c2cedd..d1e8bade0 100644
--- a/rules/ruby/third_parties/google_analytics.yml
+++ b/rules/ruby/third_parties/google_analytics.yml
@@ -43,3 +43,4 @@ metadata:
 id: ruby_third_parties_google_analytics
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_google_analytics
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/google_dataflow.yml b/rules/ruby/third_parties/google_dataflow.yml
index 0cf4480c5..ef2a3a3e8 100644
--- a/rules/ruby/third_parties/google_dataflow.yml
+++ b/rules/ruby/third_parties/google_dataflow.yml
@@ -152,3 +152,4 @@ metadata:
 id: ruby_third_parties_google_dataflow
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_google_dataflow
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/honeybadger.yml b/rules/ruby/third_parties/honeybadger.yml
index 7213425e6..7ac084c70 100644
--- a/rules/ruby/third_parties/honeybadger.yml
+++ b/rules/ruby/third_parties/honeybadger.yml
@@ -49,3 +49,4 @@ metadata:
 id: ruby_third_parties_honeybadger
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_honeybadger
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/new_relic.yml b/rules/ruby/third_parties/new_relic.yml
index 2c94c7870..ddf620851 100644
--- a/rules/ruby/third_parties/new_relic.yml
+++ b/rules/ruby/third_parties/new_relic.yml
@@ -42,3 +42,4 @@ metadata:
 id: ruby_third_parties_new_relic
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_new_relic
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/open_telemetry.yml b/rules/ruby/third_parties/open_telemetry.yml
index d2e12f643..cb7f5eadf 100644
--- a/rules/ruby/third_parties/open_telemetry.yml
+++ b/rules/ruby/third_parties/open_telemetry.yml
@@ -59,3 +59,4 @@ metadata:
 id: ruby_third_parties_open_telemetry
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_open_telemetry
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/rollbar.yml b/rules/ruby/third_parties/rollbar.yml
index dc0f5ef2a..c7b73bd1c 100644
--- a/rules/ruby/third_parties/rollbar.yml
+++ b/rules/ruby/third_parties/rollbar.yml
@@ -71,3 +71,4 @@ metadata:
 id: ruby_third_parties_rollbar
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_rollbar
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/scout_apm.yml b/rules/ruby/third_parties/scout_apm.yml
index 8e5c00abd..d8fd5188b 100644
--- a/rules/ruby/third_parties/scout_apm.yml
+++ b/rules/ruby/third_parties/scout_apm.yml
@@ -35,3 +35,4 @@ metadata:
 id: ruby_third_parties_scout_apm
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_scout_apm
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/segment.yml b/rules/ruby/third_parties/segment.yml
index 720570aec..ecf3d411f 100644
--- a/rules/ruby/third_parties/segment.yml
+++ b/rules/ruby/third_parties/segment.yml
@@ -44,3 +44,4 @@ metadata:
 id: ruby_third_parties_segment
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_segment
 cloud_code_suggestions: true
+severity: high
diff --git a/rules/ruby/third_parties/sentry.yml b/rules/ruby/third_parties/sentry.yml
index 5373c5652..3a7284fd7 100644
--- a/rules/ruby/third_parties/sentry.yml
+++ b/rules/ruby/third_parties/sentry.yml
@@ -165,3 +165,4 @@ metadata:
 id: ruby_third_parties_sentry
 documentation_url: https://docs.bearer.com/reference/rules/ruby_third_parties_sentry
 cloud_code_suggestions: true
+severity: high