| """Semgrep rule packs. Each constant is the absolute path to a YAML file."""
|
| from pathlib import Path
|
|
|
| _ROOT = Path(__file__).parent.parent
|
|
|
| CORE = _ROOT / "core.yaml"
|
| WEB = _ROOT / "web.yaml"
|
| CRYPTO = _ROOT / "crypto.yaml"
|
| ML = _ROOT / "ml.yaml"
|
| SECRETS = _ROOT / "secrets.yaml"
|
| PERF = _ROOT / "perf.yaml"
|
|
|
|
|
| ML_PRETRAINED = _ROOT / "rules" / "ml_pretrained.yaml"
|
| ML_GRADIO_DOS = _ROOT / "rules" / "ml_gradio_dos.yaml"
|
| ML_GRADIO_SSRF = _ROOT / "rules" / "ml_gradio_ssrf.yaml"
|
| ML_REDOS = _ROOT / "rules" / "ml_redos.yaml"
|
| ML_PICKLE_GADGET = _ROOT / "rules" / "ml_pickle_gadget.yaml"
|
| ML_MCP = _ROOT / "rules" / "ml_mcp.yaml"
|
| ML_CHAT_TEMPLATE = _ROOT / "rules" / "ml_chat_template.yaml"
|
|
|
| ALL_SECURITY = [
|
| ("Semgrep:Core", CORE, "security"),
|
| ("Semgrep:Web", WEB, "security"),
|
| ("Semgrep:Crypto", CRYPTO, "security"),
|
| ("Semgrep:ML", ML, "security"),
|
| ("Semgrep:Secrets", SECRETS, "security"),
|
| ("Semgrep:ML-Pretrained", ML_PRETRAINED, "ml-security"),
|
| ("Semgrep:ML-GradioDoS", ML_GRADIO_DOS, "ml-security"),
|
| ("Semgrep:ML-GradioSSRF", ML_GRADIO_SSRF, "ml-security"),
|
| ("Semgrep:ML-ReDoS", ML_REDOS, "security"),
|
| ("Semgrep:ML-PickleGadget", ML_PICKLE_GADGET, "ml-security"),
|
| ]
|
|
|
| ALL_PERFORMANCE = [
|
| ("Semgrep:Perf", PERF, "performance"),
|
| ]
|
|
|
| LLM = _ROOT / "llm.yaml"
|
|
|
| ALL_LLM = [
|
| ("Semgrep:LLM", LLM, "security"),
|
| ("Semgrep:ML-MCP", ML_MCP, "llm"),
|
| ("Semgrep:ML-ChatTemplate", ML_CHAT_TEMPLATE, "llm"),
|
| ]
|
|
|
|
|
| ML_SUPPLY_CHAIN = _ROOT / "rules" / "ml_supply_chain.yaml"
|
|
|
| ALL_SUPPLY_CHAIN = [
|
| ("Semgrep:ML-SupplyChain", ML_SUPPLY_CHAIN, "supply-chain"),
|
| ]
|
|
|
