Add exclusion for modern InternalsVisibleTo in SDK-style projects (#630)

JustinSchneiderPBI · web-flow · commit 7e0834133f1b · 2024-08-26T10:53:32.000-07:00
* Add exclusion for modern InternalsVisibleTo in SDK-style projects

* Update secrets.json test

* Update Changelog.md
diff --git a/Changelog.md b/Changelog.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.41] - 2024-08-23
+## Rules
+Extend the false positive fix for the issue reported in #548 to Sdk-style msbuild projects.
+
 ## [1.0.40] - 2024-7-08
 ## Fix
 Fixes extraneous printing of git errors when git ignore checking is enabled during analysis.
diff --git a/rules/default/security/privacy/secrets.json b/rules/default/security/privacy/secrets.json
@@ -31,13 +31,26 @@
                 },
                 "negate_finding": true,
                 "search_in": "same-line"
+            },
+            {
+                "pattern" : 
+                {
+                    "pattern": "<InternalsVisibleTo Include=",
+                    "type": "substring",
+                    "scopes": [
+                        "code"
+                    ]
+                },
+                "negate_finding": true,
+                "search_in": "same-line"
             }
         ],
         "must-match": [
             "var hash = \"121212121212121212121212121212\""
         ],
         "must-not-match": [
-            "[assembly: InternalsVisibleTo(\"Application.Tests, PublicKey=1234567890abcd\")]"
+            "[assembly: InternalsVisibleTo(\"Application.Tests, PublicKey=1234567890abcd\")]",
+            "<InternalsVisibleTo Include=\"Application.Tests\" Key=\"1234567890abcd\"/>"
         ]
     },
     {
@@ -69,4 +82,4 @@
         "must-not-match": [
         ]
     }
-]
+]
