[!WARNING]
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
returntocorp/semgrep (semgrep)
### [`v1.78.0`](https://togithub.com/semgrep/semgrep/releases/tag/v1.78.0)
[Compare Source](https://togithub.com/returntocorp/semgrep/compare/v1.77.0...v1.78.0)
#### [1.78.0](https://togithub.com/returntocorp/semgrep/releases/tag/v1.78.0) - 2024-06-27
##### Added
- Matching of fully qualified type names in the metavariable-type operator has
been improved. For example:
from a.b import C
x = C()
The type of `x` will match both `a.b.C` and `C`.
- pattern: $X = $Y()
- metavariable-type:
metavariable: $X
types:
- a.b.C # or C
``` (code-7269)
##### Fixed
- Symbolic propagation now works on decorator functions, for example:
x = foo
@x() # this is now matched by pattern `@foo()`
def test():
pass (code-6634)
- Fixed an issue where Python functions with annotations ending in `endpoint`,
`route`, `get`, `patch`, `post`, `put`, `delete`, `before_request` or
`after_request` (i.e., ones we associate with Flask) were incorrectly analyzed
with the Code product in addition to the Secrets product when present in a file
being ignored for Code analysis but included for Secrets. (scrt-609)
Configuration
đ Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
đŠ Automerge: Enabled.
â» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
đ Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
1.77.0->1.78.0Release Notes
returntocorp/semgrep (semgrep)
### [`v1.78.0`](https://togithub.com/semgrep/semgrep/releases/tag/v1.78.0) [Compare Source](https://togithub.com/returntocorp/semgrep/compare/v1.77.0...v1.78.0) #### [1.78.0](https://togithub.com/returntocorp/semgrep/releases/tag/v1.78.0) - 2024-06-27 ##### Added - Matching of fully qualified type names in the metavariable-type operator has been improved. For example: from a.b import C x = C() The type of `x` will match both `a.b.C` and `C`. - pattern: $X = $Y() - metavariable-type: metavariable: $X types: - a.b.C # or C ``` (code-7269) ##### Fixed - Symbolic propagation now works on decorator functions, for example: x = foo @x() # this is now matched by pattern `@foo()` def test(): pass (code-6634) - Fixed an issue where Python functions with annotations ending in `endpoint`, `route`, `get`, `patch`, `post`, `put`, `delete`, `before_request` or `after_request` (i.e., ones we associate with Flask) were incorrectly analyzed with the Code product in addition to the Secrets product when present in a file being ignored for Code analysis but included for Secrets. (scrt-609)Configuration
đ Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
đŠ Automerge: Enabled.
â» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
đ Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.