Skip to content

Unexpected error "Rule parse error dart-dynamic-system-commands" #25

Open
@ericcornelissen

Description

@ericcornelissen

I'm running this ruleset in CI as:

git clone https://github.com/apiiro/malicious-code-ruleset.git ../malicious-code-ruleset
semgrep --config ../malicious-code-ruleset

which worked fine until today when I started getting the following error (note that this project has no Dart source code):


METRICS: Using configs from the Registry (like --config=p/ci) reports pseudonymous rule metrics to semgrep.dev.
To disable Registry rule metrics, use "--metrics=off".
When using configs only from local files (like --config=xyz.yml) metrics are sent only when the user is logged in.

More information: https://semgrep.dev/docs/metrics

               
               
┌─────────────┐
│ Scan Status │
└─────────────┘
  Scanning 94 files tracked by git with 101 Code rules:
                                                                                                                        
  Language   Rules   Files          Origin   Rules                                                                      
 ──────────────────────────        ────────────────                                                                     
  js            14      32          Custom     101                                                                      
  ts            14       3                                                                                              
  bash           6       3                                                                                              
                                                                                                                        
Error: [ERROR] Rule parse error in rule malicious-code-ruleset.dynamic_execution.dart.dart-dynamic-system-commands:
 Invalid pattern for Dart: Stdlib.Parsing.Parse_error
----- pattern -----
$P = Process;
...
$P.$RUN('dart', ['-e', ...]);

----- end pattern -----

                
                
┌──────────────┐
│ Scan Summary │
└──────────────┘
✅ Scan completed successfully.
 • Findings: 0 (0 blocking)
 • Rules run: 17
 • Targets scanned: 38
 • Parsed lines: ~100.0%
 • Scan skipped: 
   ◦ Files matching .semgrepignore patterns: 184
 • Scan was limited to files tracked by git
 • For a detailed list of skipped files and lines, run semgrep with the --verbose flag
Ran 17 rules on 38 files: 0 findings.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions