Grayson H minusworld

## sgrep-cookie-test.yml
rules:
  - id: set-cookie-samesite-none-secure-false
    pattern: set_cookie(..., samesite=None, secure=False, ...)
    message: "Found set_cookie with samesite=None and secure=False. Chrome 80 will not send this cookie."
    languages: [python]
    severity: ERROR
  - id: set-cookie-samesite-none-secure-false-w-module
    pattern: $F.set_cookie(..., samesite=None, secure=False, ...)
    message: "Found set_cookie with samesite=None and secure=False. Chrome 80 will not send this cookie."
    languages: [python]

## wtf-python.yml
rules:
  - id: identical-is-comparison
    pattern: $S is $S
    message: "Found identical comparison using is"
    languages: [python]
    severity: ERROR
  - id: none-comparison-ok
    pattern: $S is None
    message: "is None is OK"
    languages: [python]

## wtf-python-return-finally.yml
rules:
  - id: return-inside-finally
    pattern: |
      try:
        $A
      except $B:
        $C
      finally:
        $X
        return $Y

## django-number-fields.yml
  rules:
  - id: django-number-fields
    patterns:
      - pattern-inside: |
          class $M(...):
            ...
      - pattern-either:
        - pattern: $F = django.db.models.DecimalField(...)
        - pattern: $F = django.db.models.FloatField(...)
    message: "Found a fractional number field. Variable name: $F"

## use-decimalfield-for-money.yml
rules:
  - id: use-decimalfield-for-money
    patterns:
      - pattern-inside: |
          class $M(...):
            ...
      - pattern: $F = django.db.models.FloatField(...)
      - pattern-where-python: "'price' in vars['$F'] or 'amount' in vars['$F'] or 'subtotal' in vars['$F'] or 'donation' in vars['$F'] or 'fee' in vars['$F'] or 'salaray' in vars['$F'] or 'precio' in vars['$F']"
    message: "Found a FloatField used for variable $F. Use DecimalField for currency fields to avoid float-rounding errors."
    languages: [python]

## django-validated-rules-20200304.yml
rules:
  - id: avoid-raw-sql
    patterns:
      - pattern-either:
        - pattern: $MODEL.objects.raw($QUERY, ...)
        - pattern: django.db.models.expressions.RawSQL(...)
    message: "You should be very careful whenever you write raw SQL. Consider using Django ORM before raw SQL. See https://docs.djangoproject.com/en/3.0/topics/db/sql/#passing-parameters-into-raw"
    languages: [python]
    severity: ERROR
  - id: no-null-string-field

## go-attribute-read-test.yml
rules:
  - id: handler-assignment-from-multiple-sources
    patterns:
      - pattern-inside: |
          func $HANDLER(..., $R *http.Request, ...) {
            ...
          }
      - pattern-not: |
          $VAR = true
          ...

## password-empty-string.yml
rules:
  - id: password-empty-string
    patterns:
      - pattern-either:
         - pattern: |
             $MODEL.set_password($EMPTY)
             ...
             $MODEL.save()
         - pattern: |
             $VAR = $EMPTY

## go-antipatterns.yaml
rules:
  - id: hidden-goroutine
    patterns:
      - pattern-not: |
          func $FUNC(...) {
            go func() {
              ...
            }(...)
            $MORE
          }

## django-sinks-blah.yaml
rules:
  - id: django-request-sink-attribute
    patterns:
      - pattern-inside: |
          def $F(...):
            ...
      - pattern-either:
          - pattern: |
              $V = request.$X
              ...
	rules:
	- id: identical-is-comparison
	pattern: $S is $S
	message: "Found identical comparison using is"
	languages: [python]
	severity: ERROR
	- id: none-comparison-ok
	pattern: $S is None
	message: "is None is OK"
	languages: [python]
	rules:
	- id: return-inside-finally
	pattern: \|
	try:
	$A
	except $B:
	$C
	finally:
	$X
	return $Y
	rules:
	- id: django-number-fields
	patterns:
	- pattern-inside: \|
	class $M(...):
	...
	- pattern-either:
	- pattern: $F = django.db.models.DecimalField(...)
	- pattern: $F = django.db.models.FloatField(...)
	message: "Found a fractional number field. Variable name: $F"
	rules:
	- id: use-decimalfield-for-money
	patterns:
	- pattern-inside: \|
	class $M(...):
	...
	- pattern: $F = django.db.models.FloatField(...)
	- pattern-where-python: "'price' in vars['$F'] or 'amount' in vars['$F'] or 'subtotal' in vars['$F'] or 'donation' in vars['$F'] or 'fee' in vars['$F'] or 'salaray' in vars['$F'] or 'precio' in vars['$F']"
	message: "Found a FloatField used for variable $F. Use DecimalField for currency fields to avoid float-rounding errors."
	languages: [python]
	rules:
	- id: avoid-raw-sql
	patterns:
	- pattern-either:
	- pattern: $MODEL.objects.raw($QUERY, ...)
	- pattern: django.db.models.expressions.RawSQL(...)
	message: "You should be very careful whenever you write raw SQL. Consider using Django ORM before raw SQL. See https://docs.djangoproject.com/en/3.0/topics/db/sql/#passing-parameters-into-raw"
	languages: [python]
	severity: ERROR
	- id: no-null-string-field
	rules:
	- id: handler-assignment-from-multiple-sources
	patterns:
	- pattern-inside: \|
	func $HANDLER(..., $R *http.Request, ...) {
	...
	}
	- pattern-not: \|
	$VAR = true
	...
	rules:
	- id: password-empty-string
	patterns:
	- pattern-either:
	- pattern: \|
	$MODEL.set_password($EMPTY)
	...
	$MODEL.save()
	- pattern: \|
	$VAR = $EMPTY
	rules:
	- id: hidden-goroutine
	patterns:
	- pattern-not: \|
	func $FUNC(...) {
	go func() {
	...
	}(...)
	$MORE
	}
	rules:
	- id: django-request-sink-attribute
	patterns:
	- pattern-inside: \|
	def $F(...):
	...
	- pattern-either:
	- pattern: \|
	$V = request.$X
	...