Merge pull request #224 from Privado-Inc/dev

Rules/third party java (#223)

config/sinkSkipList/python.yaml

@@ -2,11 +2,11 @@ sinkSkipList:
   - id: SinkSkipList.ThirdParties
     name: Skip Third Party Sinks
     patterns:
-      - "(dict|list|str|tuple|int)\\.__.*"
+      - "(typing.){0,1}(dict|list|str|tuple|int)\\.__.*"
       - "(django.*\\.py|selenium).*"
       - "\\/.*[.]py.*"
       - "(__builtin|cls|ModelClass|assoc|result)\\..*"
-      - "(?i)(builtins|stringio|operator|functools|ast|jwt|cookielib|hashlib|urlparse|hmac|six|glob|json|html2text|yaml|re|copy|argparse|datetime|time|decimal|collections|asyncio|subprocess|pytest|logging|traceback|sys|os|oss2|unittest|base64|dateutil|importlib|socket|urllib3|urllib|io|uuid|gzip|math|bson|random|xmltodict|shutil|tempfile).*"
+      - "(?i)(builtins|stringio|operator|functools|pathlib|ast|jwt|cookielib|hashlib|urlparse|hmac|six|glob|json|html2text|yaml|re|copy|argparse|datetime|time|decimal|collections|asyncio|subprocess|pytest|logging|traceback|sys|os|oss2|unittest|base64|dateutil|importlib|socket|urllib3|urllib|io|uuid|gzip|math|bson|random|xmltodict|shutil|tempfile).*"
 
   - id: SinkSkipList.BuiltInLib
     name: Skip built in language libraries

config/systemConfig/python.yaml

@@ -6,4 +6,4 @@ systemConfig:
     value: (?i)(?:url(?!(open|encode))|client|get|set|post|put|patch|delete|head|options|request|feed|trigger|init|find|send|receive|redirect|fetch|execute|response|pool|client|http|load|list|trace|remove|write|provider|host|access|info_read|select|perform).*
 
   - key: apiIdentifier
-    value: (?i).*((hook|base|auth|prov|endp|install|cloud|host|request|service|gateway|route|resource)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|host|cloud|request|service)(.){0,4}(endpoint|gateway|route)).*
+    value: (?i).*((hook|base|auth|prov|endp|install|cloud|host|request|service|gateway|route|resource|upload)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|host|cloud|request|service)(.){0,4}(endpoint|gateway|route)).*

rules/sinks/storages/amazonS3/python.yaml

@@ -6,6 +6,7 @@ sinks:
       - s3.amazon.com
     patterns:
       - "(?i).*(aws_cdk.*(aws_s3|assets)).*"
+      - "(?i).*(get_s3_bucket).*"
       - "(?i).*(aws_helper|s3transfer|templates_s3|s3util|s3url|url_for_s3|s3_parse_url|ctodd_python_lib_aws|awss3lib|s3file|mypy_boto3_s3|s3_encryption|mypy_boto3_s3|pip_services3_aws|bits3).py.*"
       - "(?i).*boto.*(?:get|bucket|put|download.{0,1}file|delete|bucket|object|list.{0,1}obj|upload.{0,1}file|download.{0,1}fileobj|presigned.{0,1}url).*"
     tags:

rules/sinks/third_parties/sdk/amplitude/java.yaml

@@ -17,7 +17,7 @@ sinks:
     domains:
       - "amplitude.com/amplitude-analytics"
     patterns:
-      - "(?i)(com[.]amplitude[.]analytics).*"
+      - "(?i)(com[.]amplitude[.]analytics|com[.]amplitude[.]android[.]Amplitude[.]track).*"
     tags:
 
   - id: ThirdParties.SDK.Amplitude.CustomerDataPlatform

rules/sinks/third_parties/sdk/facebook/java.yaml

@@ -9,5 +9,5 @@ sinks:
     domains:
       - "facebook.com"
     patterns:
-      - "(?i)(cn[.]sharesdk[.]facebook|com[.]facebook[.]ads[.]sdk|com[.]facebook[.]airlift|com[.]facebook[.]android|com[.]facebook[.]api|com[.]facebook[.]drift|com[.]facebook[.]fresco[.]custom|com[.]facebook[.]fresco|com[.]facebook[.]infer[.]annotation|com[.]facebook[.]presto|com[.]facebook[.]rebound|com[.]facebook[.]shimmer|com[.]facebook[.]soloader|com[.]facebook[.]stetho|com[.]github[.]asne[.]facebook|com[.]google[.]code[.]facebookapi).*"
+      - "(?i)(com[.]facebook[.]login|com[.]facebook[.]appevents|com[.]facebook[.]FacebookSdk|cn[.]sharesdk[.]facebook|com[.]facebook[.]ads[.]sdk|com[.]facebook[.]airlift|com[.]facebook[.]android|com[.]facebook[.]api|com[.]facebook[.]drift|com[.]facebook[.]fresco[.]custom|com[.]facebook[.]fresco|com[.]facebook[.]infer[.]annotation|com[.]facebook[.]presto|com[.]facebook[.]rebound|com[.]facebook[.]shimmer|com[.]facebook[.]soloader|com[.]facebook[.]stetho|com[.]github[.]asne[.]facebook|com[.]google[.]code[.]facebookapi).*"
     tags: