Add weggli to the linter for c

[Pierre-Gronau-ndaal]

Is your feature request related to a problem?
nope

Describe the solution you'd like
Enrich security detection capabilities

Describe alternatives you've considered
semgrep

Additional context

• https://github.com/LordCasser/weggli-enhance
• https://security.humanativaspa.it/a-collection-of-weggli-patterns-for-c-cpp-vulnerability-research/

[nvuillam]

@Pierre-Gronau-ndaal semgrep is already integrated within MegaLinter, but activated only when a semgrep rules config var is defined in the analyzed repository

Example: REPOSITORY_SEMGREP_RULESETS: ["p/docker-compose","p/owasp-top-ten"]

Are there SemGrep rulesets similar to weggli rules ?

[Pierre-Gronau-ndaal]

In principle and for sure there is a overlapping

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this issue should stay open, please remove the O: stale 🤖 label or comment on the issue.

[nvuillam]

@Pierre-Gronau-ndaal > weggli seems dedicated to c & c++ so has probably more capabilities than SemGrep, & probably better performances

Would you like to add it in a PR ? :)

[Pierre-Gronau-ndaal]

I will do a PR If it is wished

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this issue should stay open, please remove the O: stale 🤖 label or comment on the issue.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this issue should stay open, please remove the O: stale 🤖 label or comment on the issue.

[nvuillam]

@Pierre-Gronau-ndaal do you still wish to make the PR ? :)