Add security rules for detecting hard-coded secrets in Swift applications #83

Closed
wants to merge 3 commits into from

ESS-ENN
Collaborator

@ESS-ENN ESS-ENN commented Dec 5, 2024

Summary by CodeRabbit

Release Notes

  • New Features

    • Introduced security rules for detecting hard-coded secrets in Swift applications for Blowfish, ChaCha20, and HKDF encryption algorithms, categorized with a warning severity.
    • Each rule provides guidance on avoiding hard-coded credentials and encourages the use of secure practices.
  • Tests

    • Added comprehensive test cases for Blowfish, ChaCha20, and HKDF implementations, including valid and invalid scenarios to ensure robust error handling and functionality.

coderabbitai bot commented Dec 5, 2024

Walkthrough

This pull request introduces three new security rules for Swift applications, each targeting the detection of hard-coded secrets associated with different encryption algorithms: Blowfish, ChaCha20, and HKDF. Each rule is classified with a severity level of "warning" and includes pattern matching expressions to identify potential violations in the source code. Additionally, corresponding test cases and snapshot files are created to validate the functionality of these rules and ensure comprehensive coverage of various scenarios involving hard-coded secrets.

Changes

File Path: Change Summary

  • rules/swift/security/blowfish-hardcoded-secret-swift.yml
    • New rule added: id: blowfish-hardcoded-secret-swift
    • Severity set: severity: warning
    • Language specified: language: swift
    • Message added: message: A secret is hard-coded in the application...
    • Note added: note: [CWE-798] Use of Hard-coded Credentials.
    • Rule structure defined under rule:
  • rules/swift/security/chacha20-hardcoded-secret-swift.yml
    • New rule added: id: chacha20-hardcoded-secret-swift
    • Severity set: severity: warning
    • Language specified: language: swift
    • Message added: message: A secret is hard-coded in the application...
    • Note added: note: [CWE-798] Use of Hard-coded Credentials...
    • Utility patterns defined for various matching scenarios related to ChaCha20 usage.
  • rules/swift/security/hkdf-hardcoded-secret-swift.yml
    • New rule added: id: hkdf-hardcoded-secret-swift
    • Severity set: severity: warning
    • Language specified: language: swift
    • Message added: message: A secret is hard-coded in the application...
    • Note added: note: [CWE-798] Use of Hard-coded Credentials...
    • Utility patterns defined for matching HKDF expressions and try expressions.
  • tests/__snapshots__/blowfish-hardcoded-secret-swift-snapshot.yml
    • New snapshot added: blowfish-hardcoded-secret-swift
  • tests/__snapshots__/chacha20-hardcoded-secret-swift-snapshot.yml
    • New snapshot added: chacha20-hardcoded-secret-swift
  • tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml
    • New snapshot added: hkdf-hardcoded-secret-swift
  • tests/swift/blowfish-hardcoded-secret-swift-test.yml
    • New test case added: id: blowfish-hardcoded-secret-swift
    • Valid test case defined: valid: [...]
    • Invalid test cases defined: invalid: [...]
  • tests/swift/chacha20-hardcoded-secret-swift-test.yml
    • New test case added: id: chacha20-hardcoded-secret-swift
    • Valid test case added: try ChaCha20(key: password, iv: "123")
    • Invalid test cases added: Various incorrect usages of the ChaCha20 constructor.
  • tests/swift/hkdf-hardcoded-secret-swift-test.yml
    • New test case added: id: hkdf-hardcoded-secret-swift

Possibly related PRs

Suggested reviewers

  • petrisorcoderabbit
  • rohit121

Poem

In the land of code where secrets hide,
A rabbit hops with rules as guide.
Blowfish, ChaCha, and HKDF,
Guard your keys, keep them deft.
No more hard-coded fears,
Just safe vaults for our dear peers! 🐇✨


@coderabbitai coderabbitai bot changed the title @coderabbitai Add security rules for detecting hard-coded secrets in Swift applications Dec 5, 2024
@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 5

🧹 Outside diff range and nitpick comments (12)
tests/swift/chacha20-hardcoded-secret-swift-test.yml (2)

1-21: Consider adding edge cases to improve test coverage.

While the current test cases cover common scenarios, consider adding these edge cases:

  • Empty password/IV
  • Null values
  • Very long passwords
  • Special characters in passwords
🧰 Tools
🪛 yamllint (1.35.1)

[error] 17-17: trailing spaces

(trailing-spaces)


17-17: Fix trailing whitespace.

Remove the trailing whitespace at the end of line 17.

-     try ChaCha20(key: Array("12345".utf8), iv: "initialization") 
+     try ChaCha20(key: Array("12345".utf8), iv: "initialization")
🧰 Tools
🪛 yamllint (1.35.1)

[error] 17-17: trailing spaces

(trailing-spaces)

tests/swift/blowfish-hardcoded-secret-swift-test.yml (2)

10-10: Fix inconsistent indentation.

The indentation is inconsistent with other test cases.

-      try Blowfish(key: "hello", iv: "123")
+     try Blowfish(key: "hello", iv: "123")

17-17: Fix YAML formatting issues.

  1. Remove trailing whitespace on line 17
  2. Add newline at end of file
-     try Blowfish(key: Array("12345".utf8), iv: "initialization") 
+     try Blowfish(key: Array("12345".utf8), iv: "initialization")

Also applies to: 21-21

🧰 Tools
🪛 yamllint (1.35.1)

[error] 17-17: trailing spaces

(trailing-spaces)

tests/swift/hkdf-hardcoded-secret-swift-test.yml (2)

4-4: Consider adding parameter validation tests.

The HKDF function accepts several numeric parameters (N, r, p) that should be validated. Consider adding test cases for:

  • Invalid/out-of-range values for N, r, p
  • Edge cases (minimum/maximum allowed values)
  • Invalid combinations of parameters

18-18: Fix trailing whitespace.

Remove the trailing whitespace at the end of line 18.

-  - | 
+  - |
🧰 Tools
🪛 yamllint (1.35.1)

[error] 18-18: trailing spaces

(trailing-spaces)

tests/__snapshots__/blowfish-hardcoded-secret-swift-snapshot.yml (1)

1-38: Add test case for minimum key length requirement.

The Blowfish algorithm requires a minimum key length of 32 bits (4 bytes). Consider adding a test case that demonstrates detection of hardcoded secrets that don't meet this requirement.

Add a test case like:

+  ? |
+    Blowfish(key: "abc", iv: "123")  // 3-byte key
+  : labels:
+    - source: 'Blowfish(key: "abc", iv: "123")'
+      style: primary
+      start: 0
+      end: 31
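Review bot: The added `Blowfish(key: "abc", iv: "123")` case would be reported for the same reason as the existing `try Blowfish(key: "hello", iv: "123")` test, a string literal passed as `key`, so it does not exercise a minimum-key-length check, and nothing in the rule summary says key length is inspected. Drop it as redundant, or reword the `// 3-byte key` comment so the case is not read as length coverage.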
tests/__snapshots__/chacha20-hardcoded-secret-swift-snapshot.yml (1)

1-38: Add test case for ChaCha20's key length requirement.

ChaCha20 requires a 32-byte key. Consider adding a test case that demonstrates detection of hardcoded secrets that don't meet this requirement.

Add a test case like:

+  ? |
+    ChaCha20(key: "shortkey", iv: "123")  // Less than 32 bytes
+  : labels:
+    - source: 'ChaCha20(key: "shortkey", iv: "123")'
+      style: primary
+      start: 0
+      end: 37
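Review bot: `end: 37` does not match the `source` string, since `ChaCha20(key: "shortkey", iv: "123")` is 36 characters long and the label starts at 0; the Blowfish suggestion uses `end: 31` for a 31-character source, so the end offset here should be 36. As with that case, the match would come from the literal `key`, not from its length.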
tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml (2)

1-38: Add test cases for invalid HKDF parameters.

HKDF has specific requirements for its parameters. Consider adding test cases that demonstrate detection of hardcoded secrets with invalid parameters:

  • dkLen should be > 0
  • N should be a power of 2
  • r and p should be > 0

Add test cases like:

+  ? |
+    HKDF(password: "123", salt: salt, dkLen: 0, N: 16384, r: 8, p: 1)
+  : labels:
+    - source: 'HKDF(password: "123", salt: salt, dkLen: 0, N: 16384, r: 8, p: 1)'
+      style: primary
+      start: 0
+      end: 64
+
+  ? |
+    HKDF(password: "123", salt: salt, dkLen: 64, N: 1000, r: 8, p: 1)
+  : labels:
+    - source: 'HKDF(password: "123", salt: salt, dkLen: 64, N: 1000, r: 8, p: 1)'
+      style: primary
+      start: 0
+      end: 66
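Review bot: Both `end` values disagree with their `source` strings: by count each call is 65 characters long (`dkLen: 0` with `N: 16384`, and `dkLen: 64` with `N: 1000`), while the hunk gives 64 and 66. Both calls also pass `password: "123"`, so they would be flagged whatever `dkLen` or `N` is and add no coverage beyond the literal-password case; they do not test parameter validation.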

106-108: Consider adding test case for salt validation.

The test cases use an undefined salt variable. Consider adding test cases that demonstrate detection of hardcoded salts as well.

Add a test case like:

+  ? |
+    let hardcodedSalt = Array("static_salt".utf8)
+    HKDF(password: password, salt: hardcodedSalt, dkLen: 64, N: 16384, r: 8, p: 1)
+  : labels:
+    - source: 'HKDF(password: password, salt: hardcodedSalt, dkLen: 64, N: 16384, r: 8, p: 1)'
+      style: primary
+      start: 37
+      end: 116
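Review bot: The `password` argument in the `source` line is the variable `password`, not a literal, and the ChaCha20 test file lists `try ChaCha20(key: password, iv: "123")` as a valid case, so a rule keyed on the secret argument would not report this call; the snapshot can only pass once the rule gains a pattern for `salt`, which this hunk does not add. The offsets also look off: by count the `let hardcodedSalt = ...` line is 45 characters plus a newline, which puts the call at 46 rather than 37, and the 78-character `source` cannot span 37 to 116.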

Also applies to: 158-160

rules/swift/security/chacha20-hardcoded-secret-swift.yml (2)

1-13: Enhance documentation with additional security references.

The rule's documentation is good but could be strengthened with:

  1. Link to NIST guidelines for ChaCha20
  2. Reference to secure key management best practices
  3. Examples of secure alternatives (e.g., Azure Key Vault, AWS KMS)

283-295: Improve rule organization for better maintainability.

Consider grouping related patterns and adding comments to explain the purpose of each pattern group. This will make the rules easier to maintain and extend.

🧰 Tools
🪛 yamllint (1.35.1)

[warning] 288-288: too many spaces after colon

(colons)


[error] 290-290: trailing spaces

(trailing-spaces)


[warning] 293-293: wrong indentation: expected 14 but found 12

(indentation)


[error] 295-295: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 2f95a8e and 87c8d48.

📒 Files selected for processing (9)
  • rules/swift/security/blowfish-hardcoded-secret-swift.yml (1 hunks)
  • rules/swift/security/chacha20-hardcoded-secret-swift.yml (1 hunks)
  • rules/swift/security/hkdf-hardcoded-secret-swift.yml (1 hunks)
  • tests/__snapshots__/blowfish-hardcoded-secret-swift-snapshot.yml (1 hunks)
  • tests/__snapshots__/chacha20-hardcoded-secret-swift-snapshot.yml (1 hunks)
  • tests/__snapshots__/hkdf-hardcoded-secret-swift-snapshot.yml (1 hunks)
  • tests/swift/blowfish-hardcoded-secret-swift-test.yml (1 hunks)
  • tests/swift/chacha20-hardcoded-secret-swift-test.yml (1 hunks)
  • tests/swift/hkdf-hardcoded-secret-swift-test.yml (1 hunks)

🔇 Additional comments (2)
rules/swift/security/blowfish-hardcoded-secret-swift.yml (1)

14-295: Same improvements needed as in ChaCha20 rule file.

The same formatting and structural improvements suggested for the ChaCha20 rule file apply here.

rules/swift/security/hkdf-hardcoded-secret-swift.yml (1)

298-309: Same structural improvements needed as other rule files.

The same formatting and organizational improvements suggested for other rule files apply here.

@ESS-ENN ESS-ENN closed this Jan 8, 2025
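
An argument-aware version of the check described in the walkthrough, sketched in Python as an added example (it is not the PR's YAML rules and not code from the project): a call is flagged only when the secret-carrying argument is itself a literal, and each finding carries snapshot-style `start`/`end` offsets. The `SECRET_ARG` mapping, the function names and the sample input are assumptions constructed from the calls quoted in this thread.

```python
import re

# Constructor -> argument label that carries the secret. The call shapes are the
# ones quoted in this thread; the mapping and every name below are assumptions.
SECRET_ARG = {"Blowfish": "key", "ChaCha20": "key", "HKDF": "password"}

CALL_RE = re.compile(r"\b(" + "|".join(SECRET_ARG) + r")\(")
STRING_RE = re.compile(r'"(?:[^"\\\n]|\\.)*"')
# A hard-coded value: "..." or Array("...".utf8)
LITERAL_RE = re.compile(
    r'(?:"(?:[^"\\\n]|\\.)*"|Array\(\s*"(?:[^"\\\n]|\\.)*"\s*\.utf8\s*\))'
)

# Constructed sample: the first line is the "valid" case from the test summary.
SAMPLE = '''\
try ChaCha20(key: password, iv: "123")
try ChaCha20(key: Array("12345".utf8), iv: "initialization")
try Blowfish(key: "hello", iv: "123")
HKDF(password: "123", salt: salt, dkLen: 64, N: 1000, r: 8, p: 1)
HKDF(password: password, salt: salt, dkLen: 64, N: 1000, r: 8, p: 1)
'''


def scan_call(src, open_idx):
    """Walk from the '(' at open_idx to its matching ')'.

    Returns (end, args): end is the offset just past ')', args maps each
    top-level argument label to its value text. Returns None if unbalanced.
    """
    depth, i, arg_start, args = 0, open_idx, open_idx + 1, {}

    def close_arg(stop):
        label, sep, value = src[arg_start:stop].partition(":")
        if sep:
            args[label.strip()] = value.strip()

    while i < len(src):
        lit = STRING_RE.match(src, i)
        if lit:  # commas and parentheses inside string literals do not count
            i = lit.end()
            continue
        ch = src[i]
        if ch in "([":
            depth += 1
        elif ch in ")]":
            depth -= 1
            if depth == 0:
                close_arg(i)
                return i + 1, args
        elif ch == "," and depth == 1:
            close_arg(i)
            arg_start = i + 1
        i += 1
    return None  # truncated or unbalanced call


def find_hardcoded_secrets(src):
    """Return snapshot-style labels for calls whose secret argument is a literal."""
    findings = []
    for m in CALL_RE.finditer(src):
        scanned = scan_call(src, m.end() - 1)
        if scanned is None:
            continue
        end, args = scanned
        value = args.get(SECRET_ARG[m.group(1)])
        if value is not None and LITERAL_RE.fullmatch(value):
            findings.append(
                {"source": src[m.start():end], "start": m.start(), "end": end}
            )
    return findings


def naive_grep(src):
    """The shortcut to avoid: any quoted string anywhere in a crypto call."""
    pattern = re.compile(r'\b(?:Blowfish|ChaCha20|HKDF)\(.*"')
    return [line.strip() for line in src.splitlines() if pattern.search(line)]


if __name__ == "__main__":
    for f in find_hardcoded_secrets(SAMPLE):
        print(f"{f['start']:>3}-{f['end']:<3} {f['source']}")
    print("naive grep flags", len(naive_grep(SAMPLE)), "lines, including the valid one")
```

The line-based grep reports the valid `key: password` call because of its literal `iv`; matching on the labelled argument is what keeps that case clean.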