From 2343238df501d4f655131cc9281ce44e0bd7c8bb Mon Sep 17 00:00:00 2001
From: Julien Doutre <julien.doutre@datadoghq.com>
Date: Wed, 5 Feb 2025 14:21:20 +0100
Subject: [PATCH] Remove masking logic

---
 guarddog/analyzer/sourcecode/__init__.py | 45 ++++++++++++------------
 1 file changed, 22 insertions(+), 23 deletions(-)

diff --git a/guarddog/analyzer/sourcecode/__init__.py b/guarddog/analyzer/sourcecode/__init__.py
index 44a46673..0c47b630 100644
--- a/guarddog/analyzer/sourcecode/__init__.py
+++ b/guarddog/analyzer/sourcecode/__init__.py
@@ -51,9 +51,6 @@ def get_sourcecode_rules(
         ecosystem: The ecosystem to filter for if rules are ecosystem specific
         kind: The kind of rule to filter for
     """
-    if ecosystem == ECOSYSTEM.GITHUB_ACTION:
-        ecosystem = ECOSYSTEM.NPM
-
     for rule in SOURCECODE_RULES:
         if kind and not isinstance(rule, kind):
             continue
@@ -74,34 +71,36 @@ def get_sourcecode_rules(
         data = yaml.load(fd, Loader=SafeLoader)
         for rule in data["rules"]:
             for lang in rule["languages"]:
-                ecosystem = None
+                ecosystems = set()
                 match lang:
                     case "python":
-                        ecosystem = ECOSYSTEM.PYPI
+                        ecosystems.add(ECOSYSTEM.PYPI)
                     case "javascript" | "typescript" | "json":
-                        ecosystem = ECOSYSTEM.NPM
+                        ecosystems.add(ECOSYSTEM.NPM)
+                        ecosystems.add(ECOSYSTEM.GITHUB_ACTION)
                     case "go":
-                        ecosystem = ECOSYSTEM.GO
+                        ecosystems.add(ECOSYSTEM.GO)
                     case _:
                         continue
 
-                # avoids duplicates when multiple languages are supported by a rule
-                if not next(
-                    filter(
-                        lambda r: r.id == rule["id"],
-                        get_sourcecode_rules(ecosystem, SempgrepRule),
-                    ),
-                    None,
-                ):
-                    SOURCECODE_RULES.append(
-                        SempgrepRule(
-                            id=rule["id"],
-                            ecosystem=ecosystem,
-                            description=rule.get("metadata", {}).get("description", ""),
-                            file=file_name,
-                            rule_content=rule,
+                for ecosystem in ecosystems:
+                    # avoids duplicates when multiple languages are supported by a rule
+                    if not next(
+                        filter(
+                            lambda r: r.id == rule["id"],
+                            get_sourcecode_rules(ecosystem, SempgrepRule),
+                        ),
+                        None,
+                    ):
+                        SOURCECODE_RULES.append(
+                            SempgrepRule(
+                                id=rule["id"],
+                                ecosystem=ecosystem,
+                                description=rule.get("metadata", {}).get("description", ""),
+                                file=file_name,
+                                rule_content=rule,
+                            )
                         )
-                    )
 
 yara_rule_file_names = list(
     filter(lambda x: x.endswith("yar"), os.listdir(current_dir))