Merge pull request #422 from Privado-Inc/dev

Release PR

config/exclusions/go.yaml

@@ -2,4 +2,4 @@ exclusions:
   - id: Exclusions.Test
     name: Exclude test source code
     patterns:
-      - '.*_test\(s\)?.*'
+      - '.*_test(s)?.*'

rules/collections/annotations/java.yaml

@@ -29,8 +29,8 @@ collections:
       - "RemoteServiceRelativePath"
     tags:
 
-  - id: Collections.Annotation.Retrofit
-    name: Retrofit Interface Annotation
+  - id: Collections.Annotation.JAX-RS
+    name: JAX-RS Annotation
     patterns:
-      - "GET|POST"
+      - ".*(GET|PUT|POST|DELETE|HEAD|OPTIONS).*"
     tags:

rules/sinks/leakages/logs/go.yaml

@@ -64,7 +64,7 @@ sinks:
   - id: Leakages.Log.Console
     name: Log Console
     patterns:
-      - "(?i)(fmt)[.](F|S)?(Println|Print)(f?)"
+      - "(?i)(fmt)[.](F)?(Println|Print)(f?)"
     tags:
 
   - id: Leakages.Log.Trace

rules/sinks/storages/cookiemanager/javascript.yaml

@@ -9,7 +9,7 @@ sinks:
   - id: Storages.Web.Cookie.Write
     name: Web Storage Cookie(Write)
     patterns:
-      - "(?i)(.*cookie[^{}()]*set.*)|(.*:setcookie)"
+      - "(?i)(.*cookie[^{}()]*set(?!(ting)).*)|(.*:setcookie)"
     tags:
 
   - id: Storages.Web.Cookie.Delete

rules/sinks/storages/jdbi/java.yaml

@@ -0,0 +1,19 @@
+# Sink Rules for storage database JDBC Driver - https://www.oracle.com/in/database/technologies/appdev/jdbc.html
+
+sinks:
+
+  - id: Storages.JDBI.Jdbi.Write
+    name: Java Database Interface(Write)
+    domains:
+      - jdbi.org
+    patterns:
+      - "(?i)((org[.]jdbi[.]v3[.]core[.].*)[.](createUpdate|bind)).*"
+    tags:
+
+  - id: Storages.JDBI.Jdbi.Read
+    name: Java Database Interface(Read)
+    domains:
+      - jdbi.org
+    patterns:
+      - "(?i)((org[.]jdbi[.]v3[.]core[.].*)[.]createQuery).*"
+    tags:

rules/sinks/storages/kinesis/go.yaml

@@ -1,7 +1,7 @@
 sinks:
 
   - id: Storages.AmazonKinesis.Read
-    name: Amazon Kinesis(Read)
+    name: Amazon AWS Kinesis(Read)
     domains:
       - aws.amazon.com
       - amazon.com
@@ -10,7 +10,7 @@ sinks:
     tags:
 
   - id: Storages.AmazonKinesis.Write
-    name: Amazon Kinesis(Read)
+    name: Amazon AWS Kinesis(Read)
     domains:
       - aws.amazon.com
       - amazon.com

rules/sinks/storages/kinesis/java.yaml

@@ -4,7 +4,7 @@
 sinks:
 
   - id: Storages.AmazonKinesis.Read
-    name: Amazon Kinesis(Read)
+    name: Amazon AWS Kinesis(Read)
     domains:
       - aws.amazon.com
       - amazon.com
@@ -13,7 +13,7 @@ sinks:
     tags:
 
   - id: Storages.AmazonKinesis.Write
-    name: Amazon Kinesis(Write)
+    name: Amazon AWS Kinesis(Write)
     domains:
       - aws.amazon.com
       - amazon.com

rules/sinks/storages/kinesis/javascript.yaml

@@ -1,7 +1,7 @@
 sinks:
 
   - id: Storages.AmazonKinesis.ReadAndWrite
-    name: Amazon Kinesis
+    name: Amazon AWS Kinesis
     domains:
       - aws.amazon.com/kinesis
     patterns:

rules/sinks/storages/kinesis/python.yaml

@@ -4,7 +4,7 @@
 sinks:
 
   - id: Storages.AmazonKinesis.Read
-    name: Amazon Kinesis(Read)
+    name: Amazon AWS Kinesis(Read)
     domains:
       - aws.amazon.com
       - amazon.com
@@ -13,7 +13,7 @@ sinks:
     tags:
 
   - id: Storages.AmazonKinesis.Write
-    name: Amazon Kinesis(Write)
+    name: Amazon AWS Kinesis(Write)
     domains:
       - aws.amazon.com
       - amazon.com

rules/sinks/storages/mongodb/java.yaml

@@ -27,14 +27,17 @@ sinks:
       - mongodb.com
     patterns: 
       - "(?i)(.*[.]morphia[.]Datastore)[.]((find|get|getByKey|getByKeys|getCount|createAggregation|createQuery|queryByExample|exists).*[:].*)"
+      - "(?i)(.*[.]morphia[.]query[.].Query[.](asList|countAll|count|get).*)"
     tags:
 
   - id: Storages.MongoDB.Morphia.Write
     name: MongoDB(Write)
     domains:
       - mongodb.com
     patterns:
-      - "(?i)(.*[.]morphia[.]Datastore)[.]((save|update|updateFirst|createUpdateOperations|delete|findAnd(Delete|Modify)|merge).*[:].*)|(.*[.]morphia[.]query[.]FieldEnd.*)"
+      - "(?i)(.*[.]morphia[.]Datastore)[.]((save|update|updateFirst|createUpdateOperations|delete|findAnd(Delete|Modify)|merge).*[:].*)"
+      - "(?i)(.*[.]morphia[.]query[.](FieldEnd).*)"
+      - "(?i)(.*[.]morphia[.]query[.].Query[.](modify|execute|delete).*)"
     tags:
 
   - id: Storages.MongoDB.SpringRepository.Read

rules/sinks/storages/redis/java.yaml

@@ -42,3 +42,11 @@ sinks:
       - (?i)(redis.clients.jedis.CommandObjects.getset:)(.*)
       - (?i)(redis.clients.jedis.CommandObjects[.])(m|h|p)?(set)(one|user|range|nx|ex)?(:)(.*)
     tags:
+
+  - id: Storages.Redis.Lettuce
+    name: Redis
+    domains:
+      - redis.io
+    patterns:
+      - (?i)(io.lettuce.core.RedisClient.*[:])(.*)
+    tags:

rules/sinks/third_parties/sdk/activecampaign/javascript.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.ActiveCampaign
+    name: ActiveCampaign
+    domains:
+      - "activecampaign.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?vgo[(].*"

rules/sinks/third_parties/sdk/adroll/javascript.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Adroll
+    name: Adroll
+    domains:
+      - "adroll.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(__adroll)([.](record_adroll_email|record_user))?[(].*"

rules/sinks/third_parties/sdk/amazon/javascript.yaml

@@ -227,7 +227,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazon.Aws.Kinesis
-    name: Amazon Aws Kinesis
+    name: Amazon AWS Kinesis
     domains:
       - "aws.amazon.com/kinesis"
     patterns:
@@ -507,7 +507,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazon.Aws.KinesisFirehose
-    name: Amazon Aws Kinesis Firehose
+    name: Amazon AWS Kinesis Firehose
     domains:
       - "aws.amazon.com/kinesis/data-firehose"
     patterns:

rules/sinks/third_parties/sdk/amazon/python.yaml

@@ -179,7 +179,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazonaws.Kinesis
-    name: Amazonaws Kinesis
+    name: Amazon AWS Kinesis
     domains:
       - "aws.amazon.com/kinesis"
     patterns:
@@ -303,7 +303,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazonaws.KinesisDataFirehose
-    name: Amazonaws Kinesis Data Firehose
+    name: Amazon AWS Kinesis Firehose
     domains:
       - "aws.amazon.com/kinesis/data-firehose"
     patterns:

rules/sinks/third_parties/sdk/amazonaws/java.yaml

@@ -21,7 +21,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazonaws.Kinesis
-    name: Amazonaws Kinesis
+    name: Amazon AWS Kinesis
     domains:
       - "aws.amazon.com/kinesis"
     patterns:
@@ -301,7 +301,7 @@ sinks:
     tags:
 
   - id: ThirdParties.SDK.Amazonaws.KinesisDataFirehose
-    name: Amazonaws Kinesis Data Firehose
+    name: Amazon AWS Kinesis Firehose
     domains:
       - "aws.amazon.com/kinesis/data-firehose"
     patterns:

rules/sinks/third_parties/sdk/amplitude/javascript.yaml

@@ -11,3 +11,11 @@ sinks:
     patterns:
       - "@amplitude\\/(analytics-browser|analytics-node|core)|react-amplitude-hooks|amplitude|read-audio|react-native-amplitude-analytics|@analytics\\/amplitude|@itly\\/plugin-amplitude-node|vue-amplitude|@segment\\/analytics.js-integration-amplitude|gatsby-plugin-amplitude-analytics|@amplitude\\/react-amplitude|vue-amplitude-js|react-amplitude|gatsby-plugin-amplitude|@mntm\\/stats|@uptechworks\\/analytics-service-angular|@suttj\\/amplitude-js|@csod-oss\\/tracker-vendor-amplitude|node-amplitude|@rudderstack\\/rudder-integration-amplitude-react-native|@shawacademynpm\\/gatsby-plugin-amplitude-analytics|djipav|react-native-amplitude-sdk|@jtran\\/amplitude-js|@exiasr\\/gatsby-plugin-amplitude-analytics|amplitude-vue|@quintoandar\\/storybook-amplitude|@amplitude\\/analytics-connector"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Amplitude
+    name: Amplitude
+    domains:
+      - "amplitude.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(amplitude)([.](init|record_user|Identify|setUserId|track|setGroup|setDeviceId|revenue))?[(].*"

rules/sinks/third_parties/sdk/appcues/javascript.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Appcues
+    name: Appcues
+    domains:
+      - "appcues.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(Appcues)(\\.(identify|track|page))?[(].*"

rules/sinks/third_parties/sdk/axeptio/javascript.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Axeptio
+    name: Axeptio
+    domains:
+      - "axeptio.io"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(__axcb|__axeptioSDK)([.](push|on))?[(].*"

rules/sinks/third_parties/sdk/braze/javascript.yaml

@@ -11,3 +11,12 @@ sinks:
     patterns:
       - "@braze\\/web-sdk-no-amd|@rudderstack\\/rudder-integration-braze-react-native|@segment\\/analytics.js-integration-appboy|@vivianhealth\\/braze-segment-debounce|@itly\\/plugin-braze-node|@braze\\/service-worker|react-native-appboy-sdk|appboy-web-sdk|@braze\\/web-sdk|@braze\\/web-sdk-core|brazejs"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Braze
+    name: Braze
+    domains:
+      - "braze.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(braze)([.](changeUser|logCustomEvent|([getuser().](setGender|setEmail|setFirstName|setLastName|setPhoneNumber|setCustomUserAttribute|setCountry|setHomeCity))))?[(].*"
+

rules/sinks/third_parties/sdk/bugsnag/javascript.yaml

@@ -11,3 +11,12 @@ sinks:
     patterns:
       - "ah-bugsnag-plugin|contactsnag|graphql-middleware-bugsnag|cabin|@bugsnag\\/expo|epic-logger|vite-plugin-bugsnag|bunyan-bugsnag|bugsnag-roku|nest-bugsnag|@wizbii\\/nest-bugsnag|winston-bugsnag|@ssut\\/nest-bugsnag|bugsnag-browser-lite|@werkspot\\/decrypterror|nest-bugsnag-remade|paperplane-bugsnag|@articulate\\/paperplane-bugsnag|@keyrock\\/winston-bugsnag-transport|adonis-bugsnag|@bugsnag\\/js|@bugsnag\\/source-maps|@bugsnag\\/react-native|axe|sensitive-fields|@nkaurelien\\/nest-bugsnag|winston-3-bugsnag-transport"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Bugsnag
+    name: Bugsnag
+    domains:
+      - "bugsnag.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(budsnag|bugsnagClient)([.](notify))?[(].*"
+

rules/sinks/third_parties/sdk/chartbeat/javascript.yaml

@@ -11,3 +11,12 @@ sinks:
     patterns:
       - "angulartics-chartbeat|react-native-chartbeat-cs"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Chartbeat
+    name: Chartbeat
+    domains:
+      - "chartbeat.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?(braze)([.](changeUser|logCustomEvent|([getuser().](setGender|setEmail|setFirstName|setLastName|setPhoneNumber|setCustomUserAttribute|setCountry|setHomeCity))))?[(].*"
+

rules/sinks/third_parties/sdk/clevertap/javascript.yaml

@@ -11,3 +11,11 @@ sinks:
     patterns:
       - "clevertap-react|react-native-clevertap-inbox|clevertap|clevertap-react-native|clevertap-cordova|leads-clevertap|@segment\\/analytics.js-integration-clevertap|flaviocopes-clevertap-cordova|clevertap-web-sdk|sda-clevertap|@ionic-native\\/clevertap"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Clevertap
+    name: Clevertap
+    domains:
+      - "clevertap.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?clevertap([.]event[.]push)?[(].*"

rules/sinks/third_parties/sdk/comscore/javascript.yaml

@@ -11,3 +11,13 @@ sinks:
     patterns:
       - "@segment\\/analytics.js-integration-comscore|react-native-comscore"
     tags:
+
+
+  - id: ThirdParties.SDK.Pixel.Comscore
+    name: Comscore
+    domains:
+      - "comscore.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?_comscore([.]push)?[(].*"
+    tags:

rules/sinks/third_parties/sdk/convertFlow/javascript.yaml

@@ -0,0 +1,14 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Pixel.ConvertFlow
+    name: ConvertFlow
+    domains:
+      - "convertflow.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?convertFlow([.]identify)?[(].*"
+    tags:

rules/sinks/third_parties/sdk/criteo/javascript.yaml

@@ -11,3 +11,12 @@ sinks:
     patterns:
       - "node-criteo-api|criteo-api"
     tags:
+
+  - id: ThirdParties.SDK.Pixel.Criteo
+    name: Criteo
+    domains:
+      - "criteo.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?criteo_q([.]push)?[(].*"
+    tags:

rules/sinks/third_parties/sdk/customerio/javascript.yaml

@@ -0,0 +1,14 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Pixel.CustomerIO
+    name: CustomerIO
+    domains:
+      - "customer.io"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?_cio([.](identify|track|page|))?[(].*"
+    tags:

rules/sinks/third_parties/sdk/drip/javascript.yaml

@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+sinks:
+
+  - id: ThirdParties.SDK.Pixel.Drip
+    name: Drip
+    domains:
+      - "drip.com"
+    filterProperty: "code"
+    patterns:
+      - "(?i)(.*[.])?_dcq([.]push)?[(].*"
+    tags: