feat: make PHP not enabled by default
cfabianski committed Sep 21, 2023
1 parent 1944db4 commit a1db1d0
Showing 3 changed files with 14 additions and 3 deletions.
1 change: 1 addition & 0 deletions .envrc.example
@@ -10,3 +10,4 @@ export SCAN_DIR=/Users/username/OWASP
export BEARER_DISABLE_DEFAULT_RULES=true
export BEARER_EXTERNAL_RULE_DIR=$PWD/../bearer-rules/rules
export BEARER_FORCE=true
export BEARER_PHP_ENABLED=true
4 changes: 2 additions & 2 deletions internal/commands/artifact/run.go
@@ -262,7 +262,7 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
}
languageList := FormatFoundLanguages(inputgocloc.Languages)

// set used language list for extetrnal rules to empty if we dont use them
// set used language list for external rules to empty if we dont use them
metaLanguageList := languageList
if opts.RuleOptions.DisableDefaultRules {
metaLanguageList = make([]string, 0)
@@ -455,7 +455,7 @@ func anySupportedLanguagesPresent(inputgocloc *gocloc.Result, config settings.Co
for _, supportedLanguage := range maps.Keys(settings.GetSupportedRuleLanguages()) {
_, supportedLangPresent := foundLanguages[supportedLanguage]

if supportedLangPresent {
if supportedLangPresent && settings.GetSupportedRuleLanguages()[supportedLanguage] {
return true, nil
}
}
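Review bot: In `anySupportedLanguagesPresent`, the new condition calls `settings.GetSupportedRuleLanguages()` again inside a loop that already ranges over that map's keys, so every iteration rebuilds the map and re-reads `BEARER_PHP_ENABLED`. Ranging over the map directly, `for supportedLanguage, enabled := range settings.GetSupportedRuleLanguages() {` with `if supportedLangPresent && enabled {`, reads it once. Separately, a repository whose only detected language is PHP now falls through this loop as if nothing scannable were present. The rest of the function is outside the hunk, so I cannot see what the user is told, but the scanner should report that PHP was found and is disabled, so that an empty result is not mistaken for coverage.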
12 changes: 11 additions & 1 deletion internal/commands/process/settings/rules.go
@@ -31,9 +31,12 @@ var (
)

func GetSupportedRuleLanguages() map[string]bool {
phpSupported := os.Getenv("BEARER_PHP_ENABLED") == "true"

return map[string]bool{
"php": true,
"php": phpSupported,
"java": true,
"sql": true, // partly supported but not exposed
"ruby": true,
"javascript": true,
"typescript": true,
@@ -140,6 +143,13 @@ func loadRuleDefinitionsFromDir(definitions map[string]RuleDefinition, dir fs.FS
return nil
}

for _, language := range ruleDefinition.Languages {
if exists := GetSupportedRuleLanguages()[language]; !exists {
log.Debug().Msgf("rule file includes unsupported language[%s] %s", language, path)
return nil
}
}

if _, exists := loadedDefinitions[id]; exists {
return fmt.Errorf("duplicate rule ID %s", id)
}
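Review bot: The new loop in `loadRuleDefinitionsFromDir` skips a whole rule file as soon as one of its `Languages` is not enabled, and the only trace is a debug-level message. A rule that lists an enabled language alongside PHP, or one with a misspelled language name, therefore drops out of the scan without any visible signal, which for a security scanner is a silent loss of detection coverage. The two-value lookup would separate the cases: `enabled, known := supported[language]`, warning when `!known` and keeping the debug message for a language that is known but disabled. The variable `exists` actually holds the enabled flag rather than key presence, and `supported := GetSupportedRuleLanguages()` could be taken once before the loop instead of rebuilding the map per language. The strict `== "true"` comparison in `GetSupportedRuleLanguages` also means values such as `TRUE` or `1` leave PHP disabled, which deserves a comment there. The enclosing function starts and ends outside the hunk.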
