From 4a9f9a2231e4595f61cef8f86cbbf8ac19fe530e Mon Sep 17 00:00:00 2001
From: Revanthathreya <143704329+Revanthathreya@users.noreply.github.com>
Date: Mon, 22 Jul 2024 11:18:58 +0530
Subject: [PATCH] SC-3121:Create customRule.yml

---
 .semgreprules/customRule.yml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 .semgreprules/customRule.yml

diff --git a/.semgreprules/customRule.yml b/.semgreprules/customRule.yml
new file mode 100644
index 0000000..b275e28
--- /dev/null
+++ b/.semgreprules/customRule.yml
@@ -0,0 +1,30 @@
+rules:
+- id: check-sensitive-info
+  message: >-
+    Potential sensitive information found: $1
+  severity: ERROR
+  languages:
+    - yaml
+    - go
+    - javascript
+    - java
+    - python
+    - golang
+    - docker
+  patterns:
+  - pattern-regex: (?i)\b(api[_-]key|api[_-]token|api[_-]secret[_-]key|api[_-]password|token|secret[_-]key|password|auth[_-]key|auth[_-]token|AUTH_PASSWORD)\s*[:=]\s*(['"]?)((?!YOUR_EXCLUSION_PATTERN_HERE)[A-Z]+.*?)\2
+
+- id: check-logger-appconfig
+  message: >-
+    Potential Logging configuration found: $1
+  severity: ERROR
+  languages:
+    - yaml
+    - go
+    - javascript
+    - java
+    - python
+    - golang
+    - docker
+  patterns:
+  - pattern-regex: log\.Logger\(\).*(appConfig).*