Initial commit

2026-04-25 23:09:31 +01:00
commit 3325436017
92 changed files with 18397 additions and 0 deletions
--- a/semgrep.yml
+++ b/semgrep.yml
@@ -0,0 +1,12 @@
+# Run: semgrep --config semgrep.yml applepy
+# Or: semgrep --config=p/python applepy
+
+rules:
+  - id: subprocess-with-shell-true
+    languages: [python]
+    severity: ERROR
+    message: Avoid subprocess with shell=True (injection risk).
+    pattern-either:
+      - pattern: subprocess.run(..., shell=True, ...)
+      - pattern: subprocess.Popen(..., shell=True, ...)
+      - pattern: subprocess.call(..., shell=True, ...)