| server: | ||
| port: 8080 | ||
| host: "localhost" | ||
| region: us-west |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| # This should trigger the rule (unquoted strings) | ||
|
|
||
| config: | ||
| name: production |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
|
|
||
| config: | ||
| name: production | ||
| type: database |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| config: | ||
| name: production | ||
| type: database | ||
| environment: staging |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| @@ -0,0 +1,33 @@ | |||
| rules: | |||
| - id: yaml-unquoted-string | |||
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
Remaining comments which cannot be posted as a review comment to avoid GitHub Rate Limit
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|31| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|33| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|35| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|37| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|38| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|39| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|4| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|40| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|42| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|44| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|45| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|46| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|47| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|48| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|49| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|5| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|51| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|6| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|8| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|9| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
| environment: staging | ||
|
|
||
| server: | ||
| port: 8080 |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
|
|
||
| server: | ||
| port: 8080 | ||
| host: "localhost" |
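Review bot: the finding attached to `host: "localhost"` is on a value that is already double-quoted, so the rule that ran here matches more than unquoted scalars. Add a quoted mapping value to the fixtures as an expected non-match and extend the `pattern-not` exclusions to cover it.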
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| region: us-west | ||
|
|
||
| # Test array items | ||
| languages: |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
|
|
||
| # Test array items | ||
| languages: | ||
| - yaml |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| # Test array items | ||
| languages: | ||
| - yaml | ||
| - json |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| - pattern: | | ||
| - $VALUE | ||
| - metavariable-regex: | ||
| metavariable: $VALUE |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| - $VALUE | ||
| - metavariable-regex: | ||
| metavariable: $VALUE | ||
| regex: '^[a-zA-Z][a-zA-Z0-9_.-]*$' |
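Review bot: the character class in `regex: '^[a-zA-Z][a-zA-Z0-9_.-]*$'` accepts `-`, `_` and `.` after a leading letter, so values such as `rule-of-thumb` and `some_value` match this branch, while anything that starts with a digit, such as `1.2.3`, does not. The fixture comments and the commit message in this thread state the opposite intent (hyphens and underscores not flagged, version strings flagged), so the regex and the fixtures need to be brought into agreement.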
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| - metavariable-regex: | ||
| metavariable: $VALUE | ||
| regex: '^[a-zA-Z][a-zA-Z0-9_.-]*$' | ||
| - pattern-not: | |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| regex: '^[a-zA-Z][a-zA-Z0-9_.-]*$' | ||
| - pattern-not: | | ||
| - "$VALUE" | ||
| - pattern-not: | |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| @@ -0,0 +1,51 @@ | |||
| rules: | |||
| - id: yaml-unquoted-string | |||
| patterns: | |||
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
Added test cases to verify that strings with spaces, hyphens, and underscores should not be flagged as requiring quotes, while version strings like 1.2.3 and 802.11.x should be flagged.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
Remaining comments which cannot be posted as a review comment to avoid GitHub Rate Limit
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|8| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
assets/semgrep_rules/services/yaml-unquoted-strings.yaml|9| [semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
| # Additional test cases for modified rule | ||
|
|
||
| # These should NOT trigger the rule (should not require quotes): | ||
| new_config: |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
|
|
||
| # These should NOT trigger the rule (should not require quotes): | ||
| new_config: | ||
| phrase: rule-of-thumb # has hyphen - should not match |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| # These should NOT trigger the rule (should not require quotes): | ||
| new_config: | ||
| phrase: rule-of-thumb # has hyphen - should not match | ||
| description: Alice and bob # has spaces - should not match |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| new_config: | ||
| phrase: rule-of-thumb # has hyphen - should not match | ||
| description: Alice and bob # has spaces - should not match | ||
| float_version: 1.0 # simple numeric - should not match |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| phrase: rule-of-thumb # has hyphen - should not match | ||
| description: Alice and bob # has spaces - should not match | ||
| float_version: 1.0 # simple numeric - should not match | ||
| setting_name: some_value # has underscore - should not match |
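Review bot: the lines under "These should NOT trigger the rule", including `setting_name: some_value` and `float_version: 1.0`, each carry a reviewdog finding in this thread, so the fixture's stated expectation and the rule that ran disagree. Encode the expectation with Semgrep test annotations (`# ok: yaml-unquoted-string` or `# ruleid: yaml-unquoted-string` on the line above each case) so a mismatch fails the rule test instead of living only in trailing comments.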
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| impact: "LOW" | ||
| confidence: "MEDIUM" | ||
| license: "MPL-2.0" | ||
| source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml |
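Review bot: `source:` is the only value in this metadata block left unquoted, next to `impact: "LOW"`, `confidence: "MEDIUM"` and `license: "MPL-2.0"`, and it carries a finding from the rule it belongs to. Quote the URL so the rule file passes its own check and the metadata stays consistent.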
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| confidence: "MEDIUM" | ||
| license: "MPL-2.0" | ||
| source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml | ||
| languages: |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| - id: yaml-unquoted-string | ||
| patterns: | ||
| - pattern-either: | ||
| - patterns: |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml | ||
| languages: | ||
| - "yaml" | ||
| severity: "INFO" |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
| patterns: | ||
| - pattern-either: | ||
| - patterns: | ||
| - pattern: | |
reported by reviewdog 🐶
[semgrep] Found unquoted string value in YAML file. Consider quoting string values to avoid parsing ambiguity.
Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/services/yaml-unquoted-string.yaml
Cc @thypon @kdenhartog
c9cb82f to df38488
https://hitchdev.com/strictyaml/why/implicit-typing-removed/