1.14.0 - Rule parse error in rule clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe #518

@zyro23

Description

Describe the bug

Running a scan with version 1.14.0 results in:

[ERROR] Rule parse error in rule clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe:
 Invalid pattern for Clojure: Failure: Invalid defn form.
----- pattern -----
(defn ... ... ( ... ))

----- end pattern -----

To Reproduce

wget https://github.com/opengrep/opengrep/releases/download/v1.14.0/opengrep_manylinux_x86
chmod +x opengrep_manylinux_x86
mkdir target
touch target/test
./opengrep_manylinux_x86 scan target

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

Scanning 1 file (only git-tracked) with:

✔ Semgrep OSS
  ✔ Basic security coverage for first-party code vulnerabilities.

✨ Learn more at https://opengrep.dev.

  ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00
[ERROR] Rule parse error in rule clojure.lang.security.documentbuilderfactory-xxe.documentbuilderfactory-xxe:
 Invalid pattern for Clojure: Failure: Invalid defn form.
----- pattern -----
(defn ... ... ( ... ))

----- end pattern -----

┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
  Partially scanned: 1 files only partially analyzed due to parsing or internal Opengrep errors

Ran 48 rules on 1 file: 0 findings.
⚡ Contribute to Opengrep at https://github.com/opengrep/opengrep.

Expected behavior

The scan completes without errors - as it does with previous versions, including 1.13.2.

Screenshots

n/a

What is the priority of the bug to you?

  • P0: blocking your adoption of Opengrep or workflow
  • P1: important to fix or quite annoying
  • P2: regular bug that should get fixed

Environment

  • localhost with manual download of official binary from github releases page
  • same result on ci environment with an install.sh installation

Use case

The error prevents our CI pipeline from completing successfully, i.e. the Opengrep scan jobs always fail.

Labels

bug: Something isn't working