yaml.semgrep.metadata-references.metadata-references
semgrepAuthor
672
Download Count*
License
The references in rule metadata should always be a list, even if there's only one.
Run Locally
Run in CI
Defintion
rules:
- id: metadata-references
message: The references in rule metadata should always be a list, even if
there's only one.
severity: ERROR
languages:
- json
- yaml
patterns:
- pattern-inside: |
rules: ...
- pattern-inside: |
metadata: ...
- pattern: |
references: ...
- pattern-not: |
references: [...]
metadata:
category: correctness
technology:
- semgrep
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
Examples
metadata-references.test.yaml
rules:
- id: example-1
message: Example
severity: ERROR
languages: [json, yaml]
pattern: "..."
metadata:
# ok: metadata-references
references:
- https://google.com
- id: example-2
message: Example
severity: ERROR
languages: [json, yaml]
pattern: "..."
metadata:
# ruleid: metadata-references
references: https://google.com
Short Link: https://sg.run/dgbX