Mirror of https://github.com/kemko/nomad.git, synced 2026-01-01 16:05:42 +03:00
We have several semgrep rules forbidding imports of packages we don't want. While testing out a new rule I discovered that the rule we have is completely ineffective.

Update the rule to detect imports using the Go language plugin, including regex matching on some packages where it's forbidden to import the root but fine to import a subpackage or different version.

The go-set import rule is an example of one where our `go-set/v3` imports fail the re-written check unless we use the regex syntax. If you replace the pattern rule with `import "=~/github.com\/hashicorp\/go-set/v3$/"` it would fail.
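The root-versus-subpackage distinction the commit message describes, as an added Go example (not code from the Nomad repository, and not semgrep itself): it parses the imports of a source file and applies a deny regex with and without an end anchor. The sample source, the two patterns and the names `forbiddenImports`, `denyRootOnly` and `denyUnanchored` are constructed for illustration.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"regexp"
	"strconv"
)

// Constructed sample: the bare go-set root, its v3 module, and an unrelated package.
const sampleSrc = `package demo
import (
	"fmt"
	set "github.com/hashicorp/go-set"
	"github.com/hashicorp/go-set/v3"
)
`

// Hypothetical deny patterns: the first is end-anchored, the second is not.
var (
	denyRootOnly   = regexp.MustCompile(`github\.com/hashicorp/go-set$`)
	denyUnanchored = regexp.MustCompile(`github\.com/hashicorp/go-set`)
)

// forbiddenImports returns the import paths in src that the deny regex matches.
func forbiddenImports(src string, deny *regexp.Regexp) ([]string, error) {
	f, err := parser.ParseFile(token.NewFileSet(), "demo.go", src, parser.ImportsOnly)
	if err != nil {
		return nil, err
	}
	var hits []string
	for _, spec := range f.Imports {
		// spec.Path.Value is the quoted literal; compare against the bare path.
		path, err := strconv.Unquote(spec.Path.Value)
		if err != nil {
			return nil, err
		}
		if deny.MatchString(path) {
			hits = append(hits, path)
		}
	}
	return hits, nil
}

func main() {
	root, _ := forbiddenImports(sampleSrc, denyRootOnly)
	all, _ := forbiddenImports(sampleSrc, denyUnanchored)
	fmt.Printf("anchored: %v\nunanchored: %v\n", root, all)
}
```

With the end anchor only the root import is reported; without it the permitted `/v3` import is reported as well.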