semgrep rule to detect undesirable package imports in adapter code (#…

…2911)

.semgrep/adapter/package-import.go

@@ -0,0 +1,47 @@
+import (
+ // ok: package-import-check
+ "fmt"
+ // ok: package-import-check
+ "os"
+ // ruleid: package-import-check
+ "github.com/mitchellh/copystructure"
+ // ruleid: package-import-check
+ "github.com/golang/glog"
+)
+
+import (
+ // ok: package-import-check
+ "fmt"
+ // ruleid: package-import-check
+ cs "github.com/mitchellh/copystructure"
+ // ok: package-import-check
+ "os"
+ // ruleid: package-import-check
+ log "github.com/golang/glog"
+)
+
+import (
+ // ok: package-import-check
+ "fmt"
+ // ruleid: package-import-check
+ cs "github.com/mitchellh/copystructure/subpackage"
+ // ok: package-import-check
+ "os"
+ // ruleid: package-import-check
+ log "github.com/golang/glog/subpackage"
+)
+
+// ruleid: package-import-check
+import "github.com/golang/glog"
+
+// ruleid: package-import-check
+import "github.com/mitchellh/copystructure"
+
+// ruleid: package-import-check
+import log "github.com/golang/glog"
+
+// ruleid: package-import-check
+import copy "github.com/mitchellh/copystructure"
+
+// ok: package-import-check
+import "fmt" 

.semgrep/adapter/package-import.yml

@@ -0,0 +1,13 @@
+rules:
+ - id: package-import-check
+ message: Importing "$PKG" package is not recommended in adapter code
+ languages:
+ - go
+ severity: ERROR
+ pattern-either:
+ - patterns:
+ - pattern: import "$PKG"
+ - focus-metavariable: $PKG
+ - metavariable-regex:
+ metavariable: $PKG
+ regex: (^github\.com/mitchellh/copystructure(/.*)?$|^github\.com/golang/glog(/.*)?$)