rules.yml
---
# Sample rule set. Each rule has a `name` and a `query` written in jq filter
# syntax; `behavior: ignore` is the only behavior value that appears here.
# NOTE(review): rules without a `behavior` key are all named block_*, so the
# default is presumably to block - confirm against the consuming tool.
# NOTE(review): each block_*/ignore_* pair below uses the same query, so the
# two rules contradict each other and read as alternatives to choose between.
# Keep only one rule per pair; which one wins when both are present is not
# shown in this file.
rules:
  # Rules keyed on verdict priority.
  # These select a whole input entry when any of its verdicts has the given
  # priority (`.verdicts[]?` tolerates entries that have no verdicts).
  - name: block_priority_medium
    query: '.[] | select(.verdicts[]?.priority == "medium")'

  - name: ignore_priority_medium
    query: '.[] | select(.verdicts[]?.priority == "medium")'
    behavior: ignore

  # No ignore_* counterpart is defined for critical priority.
  - name: block_priority_critical
    query: '.[] | select(.verdicts[]?.priority == "critical")'

  # Rules keyed on observed activity.
  # These select individual verdicts (not whole entries) by exact equality on
  # the verdict `message`. A change in the message wording would make a rule
  # match nothing, so re-check these strings whenever the tool is upgraded.
  - name: block_network_connection
    query: '.[] | .verdicts[]? | select(.message == "unexpected outbound connection destination")'

  - name: ignore_network_connection
    query: '.[] | .verdicts[]? | select(.message == "unexpected outbound connection destination")'
    behavior: ignore

  - name: block_process_spawn
    query: '.[] | .verdicts[]? | select(.message == "npm install spawned a process")'

  - name: ignore_process_spawn
    query: '.[] | .verdicts[]? | select(.message == "npm install spawned a process")'
    behavior: ignore

  # The node-gyp rules use a plain substring test on metadata.commandline, so
  # the ignore variant suppresses every verdict whose command line merely
  # mentions "node-gyp". Scope this exemption as narrowly as possible.
  # NOTE(review): jq's `contains` raises an error on null input; confirm that
  # every verdict carries metadata.commandline or that query errors are
  # tolerated.
  - name: ignore_node_gyp_execution
    query: '.[] | .verdicts[]? | select(.metadata.commandline | contains("node-gyp"))'
    behavior: ignore

  - name: block_node_gyp_execution
    query: '.[] | .verdicts[]? | select(.metadata.commandline | contains("node-gyp"))'

  # Rule keyed on a specific package.
  # Replace <package-name> and <package-version> with the desired condition.
  # The match is on the entry's exact `name` and `version`, so the exemption
  # does not carry over to other versions of the same package.
  - name: ignore_specific_package_and_version
    query: '.[] | select(.name == "<package-name>" and .version == "<package-version>")'
    behavior: ignore