Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improved documentation #3

Merged
merged 3 commits into from
Oct 18, 2023
Merged

Improved documentation #3

merged 3 commits into from
Oct 18, 2023

Conversation

samspills
Copy link
Collaborator

No description provided.

zan-preston
zan-preston approved these changes Oct 17, 2023
View reviewed changes
Copy link

@zan-preston zan-preston left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just the question on which scala versions it's published for. Otherwise, I think this looks great!

docs/index.md Outdated Show resolved Hide resolved
docs/index.md
Comment on lines +14 to +38
```

Once enabled, configure which rules scalafix will run by adding them to your `.scalafix.conf` file like so:
```
//.scalafix.conf
rules = [
NoRsaWithoutPadding
]
```


### Available Rules

#### NoRsaWithoutPadding
Relevant semgrep rule: [scala.lang.security.audit.rsa-padding-set.rsa-padding-set](https://semgrep.dev/r?q=scala.lang.security.audit.rsa-padding-set.rsa-padding-set).

This scalafix rule will raise an error if a `javax.crypto.Cipher` is instantiated using RSA, any mode, with no padding. For example:

```scala
import javax.crypto.Cipher

val badCipher = Cipher.getInstance("RSA/None/NoPadding") // will raise scalafix error
val alsoBad = Cipher.getInstance("RSA/ECB/NoPadding") // will raise scalafix error

val goodCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this. Very simple and clear

@samspills samspills marked this pull request as ready for review October 17, 2023 21:22
@samspills samspills requested a review from a team as a code owner October 17, 2023 21:23
@samspills samspills self-assigned this Oct 17, 2023
@samspills samspills merged commit 0a1f48f into main Oct 18, 2023
11 checks passed
@samspills samspills deleted the sam/docs branch October 18, 2023 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zan-preston zan-preston zan-preston approved these changes

@rossabaker rossabaker rossabaker approved these changes

Assignees

@samspills samspills

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@samspills @rossabaker @zan-preston