yaml.semgrep.missing-message-field.missing-message-field
returntocorpAuthor
670
Download Count*
License
This rule does not have a message. Semgrep requires that rules have a message. Include a message to explain what the rule does. Consider writing a message that explains why this is an issue and how to fix it.
Run Locally
Run in CI
Defintion
rules:
- id: missing-message-field
message: This rule does not have a message. Semgrep requires that rules have a
message. Include a message to explain what the rule does. Consider writing
a message that explains why this is an issue and how to fix it.
languages:
- yaml
patterns:
- pattern-inside: "rules: [..., $RULE, ...]"
- pattern: "id: $RULEID"
- pattern-not-inside: |
- ...
message: ...
- pattern-not-inside: |
- ...
mode: extract
severity: WARNING
metadata:
category: correctness
technology:
- semgrep
references:
- https://semgrep.dev/docs/writing-rules/rule-syntax/
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
Examples
missing-message-field.test.yaml
rules:
# ruleid: missing-message-field
- id: unchecked-subprocess-call
patterns:
- pattern: |
subprocess.call(...)
- pattern-not-inside: |
$S = subprocess.call(...)
- pattern-not-inside: |
subprocess.call(...) == $X
severity: WARNING
fix: subprocess.check_call(...)
# ok: missing-message-field
- id: other-rule
pattern: <div>hello</div>
languages: [generic]
severity: INFO
message: ""
# ok: missing-message-field
- message: ""
id: other-rule-2
pattern: <div>hello</div>
languages: [generic]
severity: INFO
Short Link: https://sg.run/nqEg