pixee / codemodder-python

Python implementation of the Codemodder framework
GNU Affero General Public License v3.0

Update dependency semgrep to >=1.95,<1.96 #902

Closed renovate[bot] closed 3 weeks ago

renovate[bot] commented 3 weeks ago

This PR contains the following updates:

| Package | Change |
|---|---|
| semgrep | `>=1.93,<1.94` -> `>=1.95,<1.96` |

Release Notes

returntocorp/semgrep (semgrep)

### [`v1.95.0`](https://redirect.github.com/returntocorp/semgrep/blob/HEAD/CHANGELOG.md#1950---2024-10-31)

[Compare Source](https://redirect.github.com/returntocorp/semgrep/compare/v1.94.0...v1.95.0)

##### Changed

- Remove deprecated `--enable-experimental-requirements` flag. Functionality has always been enabled since Semgrep 1.93.0. (ssc-1903)

##### Fixed

- osemgrep: Running `osemgrep` with the Pro Engine now correctly runs rules with proprietary languages (saf-1686)
- Fixed bug where semgrep would crash if `--trace` was passed (saf-tracing)

### [`v1.94.0`](https://redirect.github.com/returntocorp/semgrep/blob/HEAD/CHANGELOG.md#1940---2024-10-30)

[Compare Source](https://redirect.github.com/returntocorp/semgrep/compare/v1.93.0...v1.94.0)

##### Fixed

- pro: taint-mode: Semgrep should no longer confuse a `return` in a lambda with a `return` in its enclosing function. E.g. In the example below the return value of `foo` is NOT tainted:

  ```js
  function foo() {
      bar(() => taint);
      return ok;
  }
  ```

  (code-7657)
- OCaml: matching will now recognize "local open" so that a pattern like `Foo.bar ...` will now correctly match code such as `let open Foo in bar 1` or `Foo.(bar 1)` in addition to the classic `Foo.bar 1`. (local_open)
- Project files lacking sufficient read permissions are now skipped gracefully by semgrep. (saf-1598)
- Semgrep will now print stderr and additional debugging info when semgrep-core exits with a fatal error code but still returns a json response (finishes scanning) (saf-1672)
- semgrep ci should parse correctly git logs to compute the set of contributors even if some authors have special characters in their names. (saf-1681)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.

sonarcloud[bot] commented 3 weeks ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud