Skip to content

fix: correct nosemgrep rule IDs for sagemaker-ai and tools#121

Merged
mayakost merged 1 commit intomainfrom
fix/nosemgrep-rule-ids
Apr 7, 2026
Merged

fix: correct nosemgrep rule IDs for sagemaker-ai and tools#121
mayakost merged 1 commit intomainfrom
fix/nosemgrep-rule-ids

Conversation

@scottschreckengaust
Copy link
Copy Markdown
Member

@scottschreckengaust scottschreckengaust commented Apr 7, 2026

Summary

  • Fix nosemgrep inline comments that used truncated rule IDs, causing suppressions to be silently ignored by semgrep
  • All 7 findings are false positives with explanatory comments preserved:
    • format_detector.py (3 findings): is_valid is a @dataclass bool field, not a method — -- dataclass field, not a method
    • validate-cross-refs.cjs (4 findings): marketplacePath parameter is only ever called with hardcoded string constants — -- callers pass hardcoded constants, not user input

Test plan

  • Run mise run security:semgrep — should show 0 findings (down from 7 in these files)
  • Run mise run build — passes cleanly

Generated with Claude Code

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.

@scottschreckengaust @claude
fix: correct nosemgrep rule IDs for sagemaker-ai and tools
a36d94f 
The nosemgrep inline comments used truncated rule IDs that didn't
match the full IDs reported by semgrep, so suppressions were silently
ignored. All findings are false positives:

- format_detector.py: is_valid is a @DataClass bool field, not a method
- validate-cross-refs.cjs: marketplacePath is only called with hardcoded
  string constants, never user input

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@scottschreckengaust scottschreckengaust requested review from a team, krokoko and theagenticguy April 7, 2026 07:35
@scottschreckengaust scottschreckengaust requested review from a team as code owners April 7, 2026 07:35
mayakost
mayakost approved these changes Apr 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mayakost mayakost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mayakost mayakost added this pull request to the merge queue Apr 7, 2026
Merged via the queue into main with commit b467313 Apr 7, 2026
24 checks passed
@mayakost mayakost deleted the fix/nosemgrep-rule-ids branch April 7, 2026 21:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@krokoko krokoko krokoko approved these changes

@mayakost mayakost mayakost approved these changes

@theagenticguy theagenticguy Awaiting requested review from theagenticguy theagenticguy is a code owner automatically assigned from awslabs/agent-plugins-admins

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@scottschreckengaust @krokoko @mayakost