Doug/improve default sast ruleset (#13)

* Updated rulesets to reduce false positives

* Updated installation directions

Author: dacoburn

.gitignore

@@ -101,4 +101,6 @@ logs/
 *.log
 
 .python-version
-.socket.fact.json
+.socket.fact.json
+
+custom_rules/

.gitmodules

@@ -25,3 +25,9 @@
 [submodule "app_tests/scala-woof"]
 	path = app_tests/scala-woof
 	url = https://github.com/snyk/scala-woof.git
+[submodule "app_tests/govwa"]
+	path = app_tests/govwa
+	url = https://github.com/0c34/govwa
+[submodule "app_tests/play-webgoat"]
+	path = app_tests/play-webgoat
+	url = https://github.com/playframework/play-webgoat

README.md

@@ -27,7 +27,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Run Socket Basics
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -112,7 +112,7 @@ Configure scanning policies, notification channels, and rule sets for your entir
 
 **Dashboard-Configured (Enterprise):**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   env:
     GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
   with:
@@ -123,7 +123,7 @@ Configure scanning policies, notification channels, and rule sets for your entir
 
 **CLI-Configured:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   env:
     GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
   with:
@@ -139,10 +139,10 @@ Configure scanning policies, notification channels, and rule sets for your entir
 
 ```bash
 # Build with version tag
-docker build -t socketdev/socket-basics:1.0.21 .
+docker build -t socketdev/socket-basics:1.0.23 .
 
 # Run scan
-docker run --rm -v "$PWD:/workspace" socketdev/socket-basics:1.0.21 \
+docker run --rm -v "$PWD:/workspace" socketdev/socket-basics:1.0.23 \
   --workspace /workspace \
   --python-sast-enabled \
   --secret-scanning-enabled \

app_tests/govwa

@@ -38,7 +38,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Run Socket Basics
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -78,7 +78,7 @@ Include these in your workflow's `jobs.<job_id>.permissions` section.
 
 **SAST (Static Analysis):**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     # Enable SAST for specific languages
@@ -92,7 +92,7 @@ Include these in your workflow's `jobs.<job_id>.permissions` section.
 
 **Secret Scanning:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     secret_scanning_enabled: 'true'
@@ -104,7 +104,7 @@ Include these in your workflow's `jobs.<job_id>.permissions` section.
 
 **Container Scanning:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     # Scan Docker images (auto-enables container scanning)
@@ -115,7 +115,7 @@ Include these in your workflow's `jobs.<job_id>.permissions` section.
 
 **Socket Tier 1 Reachability:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_tier_1_enabled: 'true'
@@ -124,7 +124,7 @@ Include these in your workflow's `jobs.<job_id>.permissions` section.
 ### Output Configuration
 
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     python_sast_enabled: 'true'
@@ -154,7 +154,7 @@ Configure Socket Basics centrally from the [Socket Dashboard](https://socket.dev
 
 **Enable in workflow:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   env:
     GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
   with:
@@ -166,7 +166,7 @@ Configure Socket Basics centrally from the [Socket Dashboard](https://socket.dev
 
 > **Note:** You can also pass credentials using environment variables instead of the `with:` section:
 > ```yaml
-> - uses: SocketDev/[email protected].21
+> - uses: SocketDev/[email protected].23
 >   env:
 >     SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_SECURITY_API_KEY }}
 >   with:
@@ -184,7 +184,7 @@ All notification integrations require Socket Enterprise.
 
 **Slack Notifications:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_org: ${{ secrets.SOCKET_ORG }}
@@ -196,7 +196,7 @@ All notification integrations require Socket Enterprise.
 
 **Jira Issue Creation:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_org: ${{ secrets.SOCKET_ORG }}
@@ -211,7 +211,7 @@ All notification integrations require Socket Enterprise.
 
 **Microsoft Teams:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_org: ${{ secrets.SOCKET_ORG }}
@@ -223,7 +223,7 @@ All notification integrations require Socket Enterprise.
 
 **Generic Webhook:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_org: ${{ secrets.SOCKET_ORG }}
@@ -235,7 +235,7 @@ All notification integrations require Socket Enterprise.
 
 **SIEM Integration:**
 ```yaml
-- uses: SocketDev/[email protected].21
+- uses: SocketDev/[email protected].23
   with:
     github_token: ${{ secrets.GITHUB_TOKEN }}
     socket_org: ${{ secrets.SOCKET_ORG }}
@@ -271,7 +271,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       
       - name: Run Socket Basics
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -317,7 +317,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       
       - name: Run Full Security Scan
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -368,10 +368,10 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       
       - name: Build Docker Image
-        run: docker build -t myapp:1.0.21:${{ github.sha }} .
+        run: docker build -t myapp:1.0.23:${{ github.sha }} .
       
       - name: Scan Container
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -404,7 +404,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       
       - name: Run Socket Basics
-        uses: SocketDev/[email protected].21
+        uses: SocketDev/[email protected].23
         env:
           GITHUB_PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }}
         with:
@@ -497,7 +497,7 @@ env:
 ```yaml
 steps:
   - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - Must be first
-  - uses: SocketDev/[email protected].21
+  - uses: SocketDev/[email protected].23
 ```
 
 ### PR Comments Not Appearing