Apply template scans to *.twig files

Sjord · Sjord · commit 67a38cfe8b93 · 2025-10-21T10:50:21.000+02:00
To scan Twig (https://twig.symfony.com/) templates.
diff --git a/generic/html-templates/security/unquoted-attribute-var.yaml b/generic/html-templates/security/unquoted-attribute-var.yaml
@@ -29,6 +29,7 @@ rules:
     - '*.html'
     - '*.mustache'
     - '*.hbs'
+    - '*.twig'
   severity: WARNING
   patterns:
   - pattern-inside: <$TAG ...>
diff --git a/generic/html-templates/security/var-in-href.yaml b/generic/html-templates/security/var-in-href.yaml
@@ -38,6 +38,7 @@ rules:
     - '*.html'
     - '*.mustache'
     - '*.hbs'
+    - '*.twig'
   severity: WARNING
   patterns:
   - pattern-inside: <a ...>
diff --git a/generic/html-templates/security/var-in-script-src.yaml b/generic/html-templates/security/var-in-script-src.yaml
@@ -35,6 +35,7 @@ rules:
     - '*.mustache'
     - '*.hbs'
     - '*.html'
+    - '*.twig'
   severity: WARNING
   patterns:
   - pattern-inside: <script ...>
diff --git a/generic/html-templates/security/var-in-script-tag.yaml b/generic/html-templates/security/var-in-script-tag.yaml
@@ -38,6 +38,7 @@ rules:
     - '*.mustache'
     - '*.hbs'
     - '*.html'
+    - '*.twig'
   severity: WARNING
   patterns:
   - pattern-inside: <script ...> ... </script>
diff --git a/javascript/express/security/audit/xss/mustache/var-in-script-tag.yaml b/javascript/express/security/audit/xss/mustache/var-in-script-tag.yaml
@@ -39,3 +39,4 @@ rules:
     - '*.mustache'
     - '*.hbs'
     - '*.html'
+    - '*.twig'
