'Semgrep not finding two lines of code with a 'patterns' section

I have a Semgrep rule:

rules:
  - id: create-chat-client
    patterns:
      - pattern: var $X = GrpcChannel.ForAddress(...); 
      - pattern: var $Y = new ChatService.ChatServiceClient($X);
    languages: 
      - csharp
    message: <pass>
    severity: INFO

And I am trying to match this code:

using Grpc.Net.Client;
using GrpcChat.ProtoBuf;

var channel = GrpcChannel.ForAddress("https://localhost:8888");
var client = new ChatService.ChatServiceClient(channel);

These match separately, but the 'patterns' should be a "AND" match and it fails. I must be missing something obvious. Anyone see anything?

c++sharpsemgrep


Solution 1:[1]

Using pattern-inside works:

rules:
  - id: chat
    patterns:
      - pattern-inside: |
          var $X = GrpcChannel.ForAddress(...); 
          ...
      - pattern: var $Y = new ChatService.ChatServiceClient($X);
    languages: 
      - csharp
    message: <pass>
    severity: INFO

with this test case:

using Grpc.Net.Client;
using GrpcChat.ProtoBuf;

var channel = GrpcChannel.ForAddress("https://localhost:8888");
// ruleid: chat
var client = new ChatService.ChatServiceClient(channel);

when I run a test:

% semgrep --test rules/
? All tests passed!

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1

Related Questions