semgrep · semgrep-dev-pr-bot · Sep 8, 2025 · Sep 8, 2025
diff --git a/princenchiba_demo/no-eval-prince-demo.jsx b/princenchiba_demo/no-eval-prince-demo.jsx
@@ -0,0 +1,14 @@
+print("Welcome to Semgrep!" + "Use our Run button to start experimenting -->")
+
+
+print("...")
+
+# To detect ALL calls to the print() function, change the Semgrep Rule from print("...") to print(...)
+
+print(not_a_string)
+
+print(first_var, second_var)
+
+print()
+
+# print("This is commented out so it will never be found")
diff --git a/princenchiba_demo/no-eval-prince-demo.yaml b/princenchiba_demo/no-eval-prince-demo.yaml
@@ -0,0 +1,30 @@
+rules:
+- id: no-eval-prince-demo
+  languages:
+  - javascript
+  severity: ERROR
+  message: Semgrep found a match
+  pattern: eval("...")
+  metadata:
+    category: security
+    subcategory:
+    - vuln
+    cwe:
+    - 'CWE-749: Exposed Dangerous Method or Function'
+    confidence: HIGH
+    likelihood: LOW
+    impact: MEDIUM
+    owasp:
+    - A3:2021 Injection
+    references:
+    - ''
+    technology:
+    - django
+    - docker
+    - dockerfile
+    - flask
+    - gorilla
+    - kubernetes
+    - nginx
+    - terraform
+    - react