Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tintinweb/semgrep-rules
Low Noise Semgrep Security Rules
ethereum semgrep-rules solidity
Last synced: 20 days ago
- Host: GitHub
- URL: https://github.com/tintinweb/semgrep-rules
- Owner: tintinweb
- Created: 2024-06-11T12:25:33.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2024-09-18T17:22:19.000Z (about 2 months ago)
- Last Synced: 2024-10-07T16:21:07.828Z (about 1 month ago)
- Topics: ethereum, semgrep-rules, solidity
- Language: Solidity
- Homepage:
- Size: 14.6 KB
- Stars: 16
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# 🥷✨ Low Noise Semgrep Security Rules
Rules:
- ✅ Security relevant patterns only
- ❌ No performance, micro optimizations and other noise

Rulesets:
- Solidity
- MetaMask Snaps - Hover Info

[⇒ rules](./rules) - 👈🚀 Is the **active** ruleset. Be smart, use this ☝️

[⇒ _dev](./_dev) - 🧑🔬💥 Experimental rules. Would not use.

## ✨ Integrations
### CLI
```shell
tintin@:~/workspace/solidity/project-under-audit|⇒ semgrep --exclude="**mock**,**test**" --severity=WARNING --severity=ERROR -c /path_to_this_repo/rules .
```

### VSCode
1. install https://marketplace.visualstudio.com/items?itemName=Semgrep.semgrep
2. configure:
   1. `semgrep.scan.exclude` 👉 `**/node_modules/**`, `**test**`, `**mock**`
   2. `semgrep.scan.configuration` 👉 `auto`, `/path_to_this_repo/rules`

## ⭐ Credits
Contribute, share! 🤗❤️
- [@tintinweb](https://github.com/tintinweb)
- [decurity/semgrep-smart-contracts](https://github.com/Decurity/semgrep-smart-contracts)
- [you? 🥹](https://github.com/tintinweb)