[gosrc2cpg] - Added third party rules (#335)

* Added go third party rules * Added more GO third parties * Added more rules * added more rules * go rule fix * go third party rule fix * go third party backslash fix * go third parties rule fix
Privado-Inc · Nov 1, 2023 · ed48f2b · ed48f2b
1 parent 03f880a
commit ed48f2b
Show file tree

Hide file tree

Showing 78 changed files with 1,055 additions and 0 deletions.
diff --git a/rules/sinks/leakages/logs/go.yaml b/rules/sinks/leakages/logs/go.yaml
@@ -6,6 +6,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Error).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](error)(f?)"
       - "(?i)(go.uber.org/zap).*[.](error)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](error)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](error)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](error)"
     tags:
@@ -16,6 +17,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Warn).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](warn)(f?)"
       - "(?i)(go.uber.org/zap).*[.](warn)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](warn)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](warn)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](warn)"
     tags:
@@ -26,6 +28,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Debug).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](debug)(f?)"
       - "(?i)(go.uber.org/zap).*[.](debug)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](debug)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](debug)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](debug)"
     tags:
@@ -36,6 +39,7 @@ sinks:
       - "(?i)(github.com/rs/zerolog/log).*[.](Info).*(Msg)"
       - "(?i)(github.com/sirupsen/logrus).*[.](info)(f?)"
       - "(?i)(go.uber.org/zap).*[.](info)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](info)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](info)(depth|depthf|f|ln)?"
       - "(?i)(gopkg.in/inconshreveable/log15).*[.](info)"
     tags:
@@ -45,6 +49,7 @@ sinks:
     patterns:
       - "(?i)(github.com/sirupsen/logrus).*[.](fatal)(f?)"
       - "(?i)(go.uber.org/zap).*[.](fatal)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](fatal)(f|ln|w)?"
       - "(?i)(github.com/golang/glog).*[.](fatal)(depth|depthf|f|ln)?"
     tags:
 
@@ -53,6 +58,7 @@ sinks:
     patterns:
       - "(?i)(github.com/sirupsen/logrus).*[.](panic)(f?)"
       - "(?i)(go.uber.org/zap).*[.](panic)(f|ln|w)?"
+      - "(?i)(github.com/go-logr/zapr).*[.](panic)(f|ln|w)?"
     tags:
 
   - id: Leakages.Log.Console

diff --git a/rules/sinks/third_parties/sdk/adyen/go.yaml b/rules/sinks/third_parties/sdk/adyen/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Adyen
+    name: Adyen
+    domains:
+      - "adyen.com"
+    patterns:
+      - "(?i)(github.com)(/)(adyen)(/)(adyen-go-api-library).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/africastalking/go.yaml b/rules/sinks/third_parties/sdk/africastalking/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Africastalking
+    name: Africastalking
+    domains:
+      - "africastalking.com"
+    patterns:
+      - "(?i)(github.com)(/)(kingzbauer)(/)(africastalking-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/aftership/go.yaml b/rules/sinks/third_parties/sdk/aftership/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Aftership
+    name: Aftership
+    domains:
+      - "aftership.com"
+    patterns:
+      - "(?i)(github.com)(/)(jackharley7|aftership)(/)(aftership-sdk-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/alibabacloud/go.yaml b/rules/sinks/third_parties/sdk/alibabacloud/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Alibabacloud
+    name: Alibabacloud
+    domains:
+      - "alibabacloud.com"
+    patterns:
+      - "(?i)(github.com)(/)(hashicorp|aliyun|nacos-group|alibabacloud-go|cxr29|aliyunmq|tencentyun|huaweicloud|RandolphCYG|likexian)(/)(vault-plugin-auth-alicloud|vault-plugin-secrets-alicloud|alibaba-cloud-sdk-go\\/sdk\\/requests|nacos-sdk-go\\/clients|tea-oss-sdk\\/client|aliyun-oss-go-sdk|aliyun-log-go-sdk|aliyun-openapi-go-sdk|aliyun-datahub-sdk-go\\/datahub|fc-go-sdk|aliyun-mns-go-sdk|mq-http-go-sdk|vod-go-sdk|huaweicloud-sdk-go|hwc-sdk\\/services|tencentcloud-sdk-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/amazon/go.yaml b/rules/sinks/third_parties/sdk/amazon/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Amazon.Aws
+    name: Amazon Aws
+    domains:
+      - "aws.amazon.com"
+    patterns:
+      - "(?i)(github.com|go.temporal.io|gitlab.bingosoft.net)(/)(aws|aws-sdk|hashicorp|minio|qor|conku|qorpress|touyu|kisrobot|m-hosoi|aavshr|unicloud-uos|pendo-io|journeymidnight|SaiVishwas|shashank-sachan|jviney|pulumi|skmcgrail|jftuga|IBM|orozery|getlantern|alice02|golang|opentracing-contrib|dtannen|gametimesf|phacops|mattaitchison|peterdeka|euank|uber|rhnvrm)(/)(aws-sdk-go|aws-lambda-go|minio-go|aws-cdk-go|smithy-go|amazon-pay-sdk-go|uos-sdk-go|pulumi-aws|sns_publish|ibm-cos-sdk-go|nifcloud-sdk-go|amazon-ecs-agent|go-firehose|go-kinesis|athenadriver|simples3).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/amplitude/go.yaml b/rules/sinks/third_parties/sdk/amplitude/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Amplitude
+    name: Amplitude
+    domains:
+      - "amplitude.com"
+    patterns:
+      - "(?i)(github.com)(/)(renatoaf|gotokatsuya)(/)(amplitude-go|amplitude-sdk-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/atlassian/go.yaml b/rules/sinks/third_parties/sdk/atlassian/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Atlassian
+    name: Atlassian
+    domains:
+      - "atlassian.com"
+    patterns:
+      - "(?i)(github.com/andygrunwald/go-jira).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/auth0/go.yaml b/rules/sinks/third_parties/sdk/auth0/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Auth0
+    name: Auth0
+    domains:
+      - "auth0.com"
+    patterns:
+      - "(?i)(github.com)(/)(auth0-community|pulumi|auth0-lab)(/)(go-auth0|pulumi-auth0/sdk/v2/go/auth0|fga-go-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/bing/go.yaml b/rules/sinks/third_parties/sdk/bing/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Bing
+    name: Bing
+    domains:
+      - "bing.com"
+    patterns:
+      - "(?i)(github.com)(/)(kritzware|chigley|godofdream)(/)(bing-ads-go-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/braintreepayments/go.yaml b/rules/sinks/third_parties/sdk/braintreepayments/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Braintreepayments
+    name: Braintreepayments
+    domains:
+      - "braintreepayments.com"
+    patterns:
+      - "(?i)(github.com)(/)(BoltApp)(/)(braintree-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/callr/go.yaml b/rules/sinks/third_parties/sdk/callr/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Callr
+    name: Callr
+    domains:
+      - "callr.com"
+    patterns:
+      - "(?i)(github.com)(/)(THECALLR)(/)(sdk-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/checkout/go.yaml b/rules/sinks/third_parties/sdk/checkout/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Checkout
+    name: Checkout
+    domains:
+      - "checkout.com"
+    patterns:
+      - "(?i)(github.com)(/)(checkout)(/)(checkout-sdk-go/payments).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/cloudevents/go.yaml b/rules/sinks/third_parties/sdk/cloudevents/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Cloudevents
+    name: Cloudevents
+    domains:
+      - "cloudevents.io"
+    patterns:
+      - "(?i)(github.com)(/)(cloudevents)(/)(sdk-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/consul/go.yaml b/rules/sinks/third_parties/sdk/consul/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Consul
+    name: Consul
+    domains:
+      - "consul.io"
+    patterns:
+      - "(?i)(github.com|gopkg.in)(/)(launchdarkly|yingyingtang-brex|hashicorp)(/)(go-server-sdk.v4|go-server-sdk-consul|go-server-sdk/ldconsul|go-client/ldconsul|go-client/ldconsul|packer-plugin-sdk/template|waypoint-plugin-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/datadog/go.yaml b/rules/sinks/third_parties/sdk/datadog/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Datadog
+    name: Datadog
+    domains:
+      - "datadoghq.com"
+    patterns:
+      - "(?i)(github.com)(/)(DataDog)(/)(datadog-go).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/datadoghq/go.yaml b/rules/sinks/third_parties/sdk/datadoghq/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Datadoghq
+    name: Datadoghq
+    domains:
+      - "datadoghq.com"
+    patterns:
+      - "(?i)(github.com)(/)(DataDog)(/)(opencensus-go-exporter-datadog).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/deepmap/go.yaml b/rules/sinks/third_parties/sdk/deepmap/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Deepmap
+    name: Deepmap
+    domains:
+      - "deepmap.com"
+    patterns:
+      - "(?i)(github.com)(/)(deepmap)(/)(oapi-codegen).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/delinea/go.yaml b/rules/sinks/third_parties/sdk/delinea/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Delinea
+    name: Delinea
+    domains:
+      - "delinea.com/centrify"
+    patterns:
+      - "(?i)(github.com)(/)(centrify)(/)(cloud-golang-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/dropbox/go.yaml b/rules/sinks/third_parties/sdk/dropbox/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Dropbox
+    name: Dropbox
+    domains:
+      - "dropbox.com"
+    patterns:
+      - "(?i)(github.com)(/)(dropbox|toanqng|henrikcozza|skynet-core|neevaco|herval|ncw|milanaleksic|gwatts|hushed|ga-con|intello-io)(/)(dropbox-sdk-go-unofficial|dropbox-go-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/ebay/go.yaml b/rules/sinks/third_parties/sdk/ebay/go.yaml
@@ -0,0 +1,12 @@
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Ebay
+    name: Ebay
+    domains:
+      - "ebay.com"
+    patterns:
+      - "(?i)(github.com)(/)(feelinc)(/)(go_ebay_sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/elastic/go.yaml b/rules/sinks/third_parties/sdk/elastic/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Elastic
+    name: Elastic
+    domains:
+      - "elastic.co"
+    patterns:
+      - "(?i)(go.elastic.co|gopkg.in)(/)(apm|olivere/elastic|go-elasticsearch).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/emersion/go.yaml b/rules/sinks/third_parties/sdk/emersion/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Emersion
+    name: Emersion
+    domains:
+      - "emersion.io"
+    patterns:
+      - "(?i)(github.com/emersion/)(go-sasl|smtp).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/evernote/go.yaml b/rules/sinks/third_parties/sdk/evernote/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Evernote
+    name: Evernote
+    domains:
+      - "evernote.com"
+    patterns:
+      - "(?i)(github.com)(/)(TcM1911|dreampuf|quekshuy|aliabdullahcp|double1996|shinofara|tcm1911)(/)(evernote-sdk-golang|evernote-golang-sdk).*"
+    tags:
diff --git a/rules/sinks/third_parties/sdk/expo/go.yaml b/rules/sinks/third_parties/sdk/expo/go.yaml
@@ -0,0 +1,13 @@
+
+#  Sink rule for ThirdParty SDK
+#  The id follows a format : "ThirdParties.SDK.<THIRD_PARTY_ORGANISATION>.<SUB_ORGANISATION_IF_APPLICABLE>"
+
+sinks:
+
+  - id: ThirdParties.SDK.Expo.Docs
+    name: Expo Docs
+    domains:
+      - "docs.expo.dev"
+    patterns:
+      - "(?i)(github.com)(/)(adierkens|Terminux)(/)(expo-server-sdk-go|exponent-server-sdk-go).*"
+    tags: