Module: Rules

Defined in:

lib/rules/base.rb,
lib/rules/cache_poisoning.rb,
lib/rules/curl_pipe_shell.rb,
lib/rules/missing_timeouts.rb,
lib/rules/unpinned_actions.rb,
lib/rules/credential_window.rb,
lib/rules/git_config_global.rb,
lib/rules/hardcoded_secrets.rb,
lib/rules/unpinned_artifact.rb,
lib/rules/dangerous_triggers.rb,
lib/rules/shell_injection_jq.rb,
lib/rules/unscoped_app_token.rb,
lib/rules/missing_permissions.rb,
lib/rules/allow_forks_artifact.rb,
lib/rules/shell_injection_expr.rb,
lib/rules/excessive_permissions.rb,
lib/rules/missing_persist_creds.rb,
lib/rules/overly_broad_triggers.rb,
lib/rules/unpinned_docker_image.rb,
lib/rules/build_publish_same_job.rb,
lib/rules/missing_env_protection.rb,
lib/rules/static_aws_credentials.rb,
lib/rules/github_script_injection.rb,
lib/rules/missing_frozen_lockfile.rb,
lib/rules/self_hosted_runner_fork.rb,
lib/rules/docker_build_arg_secrets.rb,
lib/rules/workflow_dispatch_injection.rb

Defined Under Namespace

Classes: AllowForksArtifact, Base, BuildPublishSameJob, CachePoisoning, CredentialWindow, CurlPipeShell, DangerousTriggers, DockerBuildArgSecrets, ExcessivePermissions, GitConfigGlobal, GithubScriptInjection, HardcodedSecrets, MissingEnvProtection, MissingFrozenLockfile, MissingPermissions, MissingPersistCreds, MissingTimeouts, OverlyBroadTriggers, SelfHostedRunnerFork, ShellInjectionExpr, ShellInjectionJq, StaticAwsCredentials, UnpinnedActions, UnpinnedArtifact, UnpinnedDockerImage, UnscopedAppToken, WorkflowDispatchInjection