Deep Semgrep is needed to propagate values through function calls. An example of this is found in the exfiltrate-sensitive-data tests (ctx). It can also be seen here: https://semgrep.dev/s/enelli:exfiltrate-sensitive-data. The first case is not detected, but the second case that has only one function is caught.
Deep Semgrep is needed to propagate values through function calls. An example of this is found in the exfiltrate-sensitive-data tests (ctx). It can also be seen here: https://semgrep.dev/s/enelli:exfiltrate-sensitive-data. The first case is not detected, but the second case that has only one function is caught.