From b61237f7bc9cb46b6c1049d6e0f62ab288d2b63d Mon Sep 17 00:00:00 2001
From: Hitesh Mahajan
Date: Thu, 13 Apr 2023 18:15:03 +0530
Subject: [PATCH 1/2] Rules/third party java (#223)

* Python GA support
* fix: more sdks for facebook
* Amplitude android sdk

---------

Co-authored-by: hiteshbedre <32206192+hiteshbedre@users.noreply.github.com>
Co-authored-by: KhemrajSingh Rathore
---
 README.md | 2 +-
 rules/sinks/third_parties/sdk/amplitude/java.yaml | 2 +-
 rules/sinks/third_parties/sdk/facebook/java.yaml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 0b1b42af..65ba2ee1 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ Privado is an open-source static code analysis tool to discover data flows in th
 # Supported languages
-We support Java in GA and Python in alpha. Our Enterprise offering covers all programming languages, and we're working on adding support for more languages to OSS. Support for JS/TS is coming soon!
+We support Java and Python in GA. Our Enterprise offering covers all programming languages, and we're working on adding support for more languages to OSS. Support for JS/TS is coming soon!
 # Quick Start
diff --git a/rules/sinks/third_parties/sdk/amplitude/java.yaml b/rules/sinks/third_parties/sdk/amplitude/java.yaml
index c7ca033f..c9980a8a 100644
--- a/rules/sinks/third_parties/sdk/amplitude/java.yaml
+++ b/rules/sinks/third_parties/sdk/amplitude/java.yaml
@@ -17,7 +17,7 @@ sinks:
 domains:
 - "amplitude.com/amplitude-analytics"
 patterns:
- - "(?i)(com[.]amplitude[.]analytics).*"
+ - "(?i)(com[.]amplitude[.]analytics|com[.]amplitude[.]android[.]Amplitude[.]track).*"
 tags:
 - id: ThirdParties.SDK.Amplitude.CustomerDataPlatform
diff --git a/rules/sinks/third_parties/sdk/facebook/java.yaml b/rules/sinks/third_parties/sdk/facebook/java.yaml
index ac6edea8..f2653ac4 100644
--- a/rules/sinks/third_parties/sdk/facebook/java.yaml
+++ b/rules/sinks/third_parties/sdk/facebook/java.yaml
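Review bot: The new alternative `com[.]amplitude[.]android[.]Amplitude[.]track` flags only the `track` entry point of the Android SDK, while the `com[.]amplitude[.]analytics` alternative beside it matches a whole package prefix; other calls on the same Android class that may also transmit user data would not be reported as a sink, which is a detection gap rather than a false positive. If method-level precision is intended, a comment above `patterns:` such as `# Android SDK: only Amplitude.track is matched; widen to the package prefix if other data-sending calls should count` would record the reason; otherwise `com[.]amplitude[.]android` as a prefix would be consistent with the other alternative. Under the `(?i)` flag the mixed case in `Amplitude` is meaningless, so either drop the flag or write the alternative in lowercase; the same applies to `FacebookSdk` in the facebook/java.yaml hunk. The enclosing sink entry starts above this hunk.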
@@ -9,5 +9,5 @@ sinks:
 domains:
 - "facebook.com"
 patterns:
- - "(?i)(cn[.]sharesdk[.]facebook|com[.]facebook[.]ads[.]sdk|com[.]facebook[.]airlift|com[.]facebook[.]android|com[.]facebook[.]api|com[.]facebook[.]drift|com[.]facebook[.]fresco[.]custom|com[.]facebook[.]fresco|com[.]facebook[.]infer[.]annotation|com[.]facebook[.]presto|com[.]facebook[.]rebound|com[.]facebook[.]shimmer|com[.]facebook[.]soloader|com[.]facebook[.]stetho|com[.]github[.]asne[.]facebook|com[.]google[.]code[.]facebookapi).*"
+ - "(?i)(com[.]facebook[.]login|com[.]facebook[.]appevents|com[.]facebook[.]FacebookSdk|cn[.]sharesdk[.]facebook|com[.]facebook[.]ads[.]sdk|com[.]facebook[.]airlift|com[.]facebook[.]android|com[.]facebook[.]api|com[.]facebook[.]drift|com[.]facebook[.]fresco[.]custom|com[.]facebook[.]fresco|com[.]facebook[.]infer[.]annotation|com[.]facebook[.]presto|com[.]facebook[.]rebound|com[.]facebook[.]shimmer|com[.]facebook[.]soloader|com[.]facebook[.]stetho|com[.]github[.]asne[.]facebook|com[.]google[.]code[.]facebookapi).*"
 tags:

From b08611a8ba768991f31d8ff26012599dd6f5e5d1 Mon Sep 17 00:00:00 2001
From: Datta Mundada
Date: Tue, 18 Apr 2023 11:35:13 +0530
Subject: [PATCH 2/2] Python rule improvements #2 (#227)

* Python rule improvements #2
* Fix code review comment

---------

Co-authored-by: Dattaprasad Mundada
---
 config/sinkSkipList/python.yaml | 4 ++--
 config/systemConfig/python.yaml | 2 +-
 rules/sinks/storages/amazonS3/python.yaml | 1 +
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/config/sinkSkipList/python.yaml b/config/sinkSkipList/python.yaml
index f3e43b78..a0d3a4aa 100644
--- a/config/sinkSkipList/python.yaml
+++ b/config/sinkSkipList/python.yaml
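Review bot: The rewritten pattern line prepends `com[.]facebook[.]login`, `com[.]facebook[.]appevents` and `com[.]facebook[.]FacebookSdk` to an alternation of nineteen prefixes with no documentation of which entries are data-export surfaces and which appear to be general-purpose libraries published under the same namespace (for example `com[.]facebook[.]presto`, `com[.]facebook[.]airlift`), so a match no longer tells a maintainer whether data is actually sent to Facebook. A comment above `patterns:` stating that the list intentionally mixes the Login/App Events/Android SDKs with other `com.facebook` libraries, and why the latter are treated as sinks, would make the rule auditable when it is next extended. Because every alternative ends in the shared `.*`, order inside the alternation does not affect matching, so the new entries could also be kept alphabetical with the rest for easier review. The enclosing sink entry starts above this hunk.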
@@ -2,11 +2,11 @@ sinkSkipList:
 - id: SinkSkipList.ThirdParties
 name: Skip Third Party Sinks
 patterns:
- - "(dict|list|str|tuple|int)\\.__.*"
+ - "(typing.){0,1}(dict|list|str|tuple|int)\\.__.*"
 - "(django.*\\.py|selenium).*"
 - "\\/.*[.]py.*"
 - "(__builtin|cls|ModelClass|assoc|result)\\..*"
- - "(?i)(builtins|stringio|operator|functools|ast|jwt|cookielib|hashlib|urlparse|hmac|six|glob|json|html2text|yaml|re|copy|argparse|datetime|time|decimal|collections|asyncio|subprocess|pytest|logging|traceback|sys|os|oss2|unittest|base64|dateutil|importlib|socket|urllib3|urllib|io|uuid|gzip|math|bson|random|xmltodict|shutil|tempfile).*"
+ - "(?i)(builtins|stringio|operator|functools|pathlib|ast|jwt|cookielib|hashlib|urlparse|hmac|six|glob|json|html2text|yaml|re|copy|argparse|datetime|time|decimal|collections|asyncio|subprocess|pytest|logging|traceback|sys|os|oss2|unittest|base64|dateutil|importlib|socket|urllib3|urllib|io|uuid|gzip|math|bson|random|xmltodict|shutil|tempfile).*"
 - id: SinkSkipList.BuiltInLib
 name: Skip built in language libraries
diff --git a/config/systemConfig/python.yaml b/config/systemConfig/python.yaml
index 5331d871..bb8df456 100644
--- a/config/systemConfig/python.yaml
+++ b/config/systemConfig/python.yaml
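Review bot: In the new first pattern the dot in `(typing.){0,1}` is unescaped and therefore a wildcard, unlike the `\\.` used for literal dots elsewhere on the same line; `(typing\\.){0,1}(dict|list|str|tuple|int)\\.__.*` matches what the change appears to intend. The rewritten skip-list line below it also keeps two-letter alternatives such as `re`, `os` and `io` directly followed by `.*` under `(?i)`: depending on how the engine anchors the match, any qualified name that merely begins with those letters (e.g. `requests.post`) could be silently excluded from third-party sink detection, which is a missed-detection risk rather than a false positive. Terminating the short names with the separator, for example `re\\.|os\\.|io\\.`, would keep the intended skips without swallowing unrelated modules. The `SinkSkipList.ThirdParties` entry this hunk edits begins at its top; the `SinkSkipList.BuiltInLib` entry continues below the hunk.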
@@ -6,4 +6,4 @@ systemConfig:
 value: (?i)(?:url(?!(open|encode))|client|get|set|post|put|patch|delete|head|options|request|feed|trigger|init|find|send|receive|redirect|fetch|execute|response|pool|client|http|load|list|trace|remove|write|provider|host|access|info_read|select|perform).*
 - key: apiIdentifier
- value: (?i).*((hook|base|auth|prov|endp|install|cloud|host|request|service|gateway|route|resource)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|host|cloud|request|service)(.){0,4}(endpoint|gateway|route)).*
\ No newline at end of file
+ value: (?i).*((hook|base|auth|prov|endp|install|cloud|host|request|service|gateway|route|resource|upload)(.){0,12}url|(slack|web)(.){0,4}hook|(rest|api|host|cloud|request|service)(.){0,4}(endpoint|gateway|route)).*
\ No newline at end of file
diff --git a/rules/sinks/storages/amazonS3/python.yaml b/rules/sinks/storages/amazonS3/python.yaml
index f6820b0c..a7326710 100644
--- a/rules/sinks/storages/amazonS3/python.yaml
+++ b/rules/sinks/storages/amazonS3/python.yaml
@@ -6,6 +6,7 @@ sinks:
 - s3.amazon.com
 patterns:
 - "(?i).*(aws_cdk.*(aws_s3|assets)).*"
+ - "(?i).*(get_s3_bucket).*"
 - "(?i).*(aws_helper|s3transfer|templates_s3|s3util|s3url|url_for_s3|s3_parse_url|ctodd_python_lib_aws|awss3lib|s3file|mypy_boto3_s3|s3_encryption|mypy_boto3_s3|pip_services3_aws|bits3).py.*"
 - "(?i).*boto.*(?:get|bucket|put|download.{0,1}file|delete|bucket|object|list.{0,1}obj|upload.{0,1}file|download.{0,1}fileobj|presigned.{0,1}url).*"
 tags:
\ No newline at end of file
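Review bot: The added pattern `"(?i).*(get_s3_bucket).*"` in the amazonS3 hunk is a bare function-name substring with no module or file qualifier, unlike the neighbouring `aws_cdk`, `.py` and `boto` patterns, so any helper named `get_s3_bucket` in any codebase is classified as an S3 storage sink, and the parentheses form a capturing group with nothing to alternate. If it targets a particular helper library, qualifying it the way the `.py` line below does, or adding a comment above it such as `# matches the get_s3_bucket helper of <library placeholder>; generic name, review before widening`, would keep the rule auditable; if it is meant as a deliberate heuristic, a comment saying so would stop a later reviewer from tightening it. Whether a call to a getter-style helper is really the point where data leaves the application, rather than the subsequent bucket operation, is worth confirming against the flows the rule is expected to report. The sink entry continues above the hunk; `tags:` is its last line and the file has no trailing newline.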