
Community-led collection of essential ast-grep rules.


coderabbitai/ast-grep-essentials


Overview

ast-grep-essentials is a community-led collection of ast-grep rules to help developers mitigate security vulnerabilities and enforce best practices in their codebases.

Tip

Please read the CodeRabbit documentation to understand how to use ast-grep in CodeRabbit reviews.

Structure

```
ast-grep-essentials
│
├── rules
│   ├── javascript
│   │   ├── jwt
│   │   │   ├── rule1.yml
│   │   │   ├── rule2.yml
│   │   │   └── ...
│   │   ├── ...
│   │   └── ...
│   └── go
│       ├── jwt-go
│       │   ├── rule1.yml
│
├── utils
│   ├── script1.yml
│   ├── script2.yml
│   └── ...
│
└── tests
    ├── javascript
    │   ├── rule1-test.yml
    │   ├── rule2-test.yml
    │   └── ...
    ├── ...
    └── ...
```

The package is organized into three main directories:

  • rules: Contains ast-grep rules categorized by language and security category.
  • utils: Houses utility configs to support rule management.
  • tests: Includes test cases for validating the effectiveness of the rules across different languages.

Rules Structure

Within the rules directory, you'll find the following structure:

  • language: Each language supported by ast-grep (e.g., Python, JavaScript).
  • category: Rules categorized based on security concerns (e.g., Input Validation, Authentication).

Rule file structure

Tip

Read the ast-grep documentation to understand the rule configuration and the rule object properties.

Each rule file should have the following structure:

```yaml
# Unique across the package, not just the language
id: rule-id
# The language property that the rule is going to get matched against
language: "language" # e.g., JavaScript, go
# A short description of the rule
message: "Rule message"
# A more detailed explanation of the rule
note: "Rule note"
# Severity level of the rule (e.g., hint, warning)
severity: "severity"
# ast-grep rule property, check documentation for more information
rule: ...
```

Tests Structure

Inside the tests directory, tests are organized by language:

  • language: Test cases specific to the corresponding language's rules.
  • rule-file: by convention, each test file follows the rule-file-name-test.yml naming format.

Note

Tests should follow the ast-grep testing rules format. Please refer to the ast-grep documentation.
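As an added illustration of the rule file and test file conventions above (not a rule from this repository), here is a hypothetical JavaScript rule for the jwt category together with its test file. It flags calls to jsonwebtoken's decode(), which only base64-decodes the payload and never checks the signature, so any claim read from it is untrusted until verify() has been called. The two YAML documents below would live in separate files: rules/javascript/jwt/jwt-decode-without-verify.yml and tests/javascript/jwt-decode-without-verify-test.yml (both assumed paths).

```yaml
# rules/javascript/jwt/jwt-decode-without-verify.yml (assumed path, example rule)
# Unique across the package, not just the language
id: jwt-decode-without-verify
# Matched against JavaScript sources
language: JavaScript
message: "jsonwebtoken decode() does not verify the token signature"
note: >-
  jwt.decode() only base64-decodes the payload; it does not check the
  signature, expiry or issuer. Use jwt.verify() with an explicit
  algorithms list before trusting any claim from the token.
severity: warning
rule:
  # Any call of the form <receiver>.decode(<args>)
  pattern: $JWT.decode($$$ARGS)
constraints:
  # Restrict the receiver to the common import names of jsonwebtoken so
  # unrelated decode() methods (e.g. a TextDecoder) are not reported
  JWT:
    regex: '^(jwt|jsonwebtoken)$'
---
# tests/javascript/jwt-decode-without-verify-test.yml (assumed path, example test)
id: jwt-decode-without-verify
# Snippets that must NOT be reported (low false-positive rate)
valid:
  - jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] })
  - const text = new TextDecoder().decode(bytes)
  - other.decode(payload)
# Snippets that MUST be reported
invalid:
  - const claims = jwt.decode(token)
  - const claims = jsonwebtoken.decode(req.headers.authorization.split(' ')[1])
```

With an sgconfig.yml whose ruleDirs lists rules/ and whose testConfigs points a testDir at tests/ (assumed project configuration), `ast-grep test` checks that every valid snippet stays silent and every invalid snippet is reported.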

Contributing

This project relies on the community to contribute rules. Please open a pull request with your rules and tests. Please ensure that the rules are truly essential and have a low false positive rate.

Community

Join the discussion on our Discord server.
