Open
Description
better response? hide some internal stack traces...
```
$ semgrep scan --config auto
┌──── ○○○ ────┐
│ Semgrep CLI │
└─────────────┘
Scanning 100 files (only git-tracked) with:
✔ Semgrep OSS
✔ Basic security coverage for first-party code vulnerabilities.
✔ Semgrep Code (SAST)
✔ Find and fix vulnerabilities in the code you write with advanced scanning and expert security rules.
✘ Semgrep Supply Chain (SCA)
✘ Find and fix the reachable vulnerabilities in your OSS dependencies.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 100% 0:00:00
┌─────────────────┐
│ 8 Code Findings │
└─────────────────┘
src/main/java/ch/weetech/network/HttpClientApp.java
java.lang.security.audit.active-debug-code-printstacktrace.active-debug-code-printstacktrace
Possible active debug code detected. Deploying an application with debug code can create
unintended entry points or expose sensitive information.
Details: https://sg.run/4K8z
67┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
72┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
77┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
82┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
126┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
131┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
136┆ e.printStackTrace(new PrintWriter(sw));
⋮┆----------------------------------------
141┆ e.printStackTrace(new PrintWriter(sw));
┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
Scan was limited to files tracked by git.
Partially scanned: 1 files only partially analyzed due to parsing or internal Semgrep errors
Scan skipped: 36 files matching .semgrepignore patterns
For a full list of skipped files, run semgrep with the --verbose flag.
Ran 291 rules on 64 files: 8 findings.
```