pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
semgrep{,-core}: Update to 0.107.0
Module Name: pkgsrc-wip
Committed By: Leonardo Taccari <leot%NetBSD.org@localhost>
Pushed By: leot
Date: Wed Aug 3 17:39:44 2022 +0200
Changeset: 1e61bb44bcd3bf8c49dc3a8f826ad0172740e00b
Modified Files:
semgrep-core/Makefile
semgrep/Makefile
semgrep/PLIST
semgrep/distinfo
Log Message:
semgrep{,-core}: Update to 0.107.0
Changes:
- Added metadata in App-connected scans to report extensions of
files that do not match the language of any enabled rules in order
to enable more effective language prioritization while developing
new rules.
- Support fail-open in CI: adds --suppress-errors/--no-suppress-errors
(defaults to --no-suppress-errors)
- New language Elixir with experimental support. (gh-3698)
- Kotlin: support for ellipsis in field access (e.g., `obj. ... .bar()`)
- Changed `semgrep-core` so that it can now be run with `-rules` on `.yaml`
files which do not have a top-level `rules: ...` key. This means you can now
copy paste from the playground editor directly into a `.yaml` file for use
with `semgrep-core`.
- Add experimental support for _taint labels_, that is the ability to attach
labels to different kinds of taint. Both sources and sinks can retrict what
labels are present in the data that passes through them in order to apply.
This allows to write more complex taint rules that previously required ugly
workarounds. Taint labels are also useful for writing certain classes of
typestate analyses (e.g., check that a file descriptor is not used after
being closed).
- Introduced the `--dataflow-traces` flag, which directs the Semgrep CLI to
explain how non-local values lead to a finding. Currently, this only applies
to taint mode findings and it will trace the path from the taint source to
the taint sink.
- Made breaking changes to the dataflow_trace JSON output to make
it more easily consumable by the App. Added content for taint_source
and intermediate_vars, and collapsed the multile taint_source
locations into one.
- Removed the unique_id field from the semgrep (and semgrep-core) JSON output
for metavariables.
- Fixed format of repository urls so links to findings can be properly
displayed on semgrep.dev
- Scala: Allow metavariables in `import` patterns
- Rules reported for LSP metrics now are hashed before sending
- `-filter_irrelevant_rules` was incorrectly skipping files when
the PCRE engine threw an error, while trying to match a regex
that determines whether a rule is relevant for a file. This has
been fixed so that, in case of a PCRE error, we assume that the
rule could be relevant and we do run it on the file.
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=1e61bb44bcd3bf8c49dc3a8f826ad0172740e00b
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
semgrep-core/Makefile | 2 +-
semgrep/Makefile | 2 +-
semgrep/PLIST | 3 +++
semgrep/distinfo | 6 +++---
4 files changed, 8 insertions(+), 5 deletions(-)
diffs:
diff --git a/semgrep-core/Makefile b/semgrep-core/Makefile
index a058f33a71..a475ede9cf 100644
--- a/semgrep-core/Makefile
+++ b/semgrep-core/Makefile
@@ -1,6 +1,6 @@
# $NetBSD$
-DISTNAME= semgrep-core-0.106.0
+DISTNAME= semgrep-core-0.107.0
PKGREVISION= 0
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_GITHUB:=returntocorp/}
diff --git a/semgrep/Makefile b/semgrep/Makefile
index 0c7a9cf48f..5f4314a509 100644
--- a/semgrep/Makefile
+++ b/semgrep/Makefile
@@ -1,6 +1,6 @@
# $NetBSD$
-DISTNAME= semgrep-0.106.0
+DISTNAME= semgrep-0.107.0
CATEGORIES= devel python
MASTER_SITES= ${MASTER_SITE_PYPI:=s/semgrep/}
diff --git a/semgrep/PLIST b/semgrep/PLIST
index f2d8c5a788..1bcff54034 100644
--- a/semgrep/PLIST
+++ b/semgrep/PLIST
@@ -112,6 +112,9 @@ ${PYSITELIB}/semgrep/env.pyo
${PYSITELIB}/semgrep/error.py
${PYSITELIB}/semgrep/error.pyc
${PYSITELIB}/semgrep/error.pyo
+${PYSITELIB}/semgrep/error_handler.py
+${PYSITELIB}/semgrep/error_handler.pyc
+${PYSITELIB}/semgrep/error_handler.pyo
${PYSITELIB}/semgrep/external/__init__.py
${PYSITELIB}/semgrep/external/__init__.pyc
${PYSITELIB}/semgrep/external/__init__.pyo
diff --git a/semgrep/distinfo b/semgrep/distinfo
index 345f32fff2..4755a3c2ea 100644
--- a/semgrep/distinfo
+++ b/semgrep/distinfo
@@ -1,5 +1,5 @@
$NetBSD$
-BLAKE2s (semgrep-0.106.0.tar.gz) = 25e10c544cf74cf845cbb46a850b385b3b969b5584fb5516f19d2088b5bfcc24
-SHA512 (semgrep-0.106.0.tar.gz) = ea7b6f9678fa4e6c5f03b77db566ba9030327ff2f777aa1de11e5ba5bc7003ba28730b06c2b5f7310ef3f33fdb713d8a881d1aa647c2332a16e4f33ac1927f16
-Size (semgrep-0.106.0.tar.gz) = 180965 bytes
+BLAKE2s (semgrep-0.107.0.tar.gz) = 95bd94d6e76b968f4cd2aa1607feee6781668a934523ecf0086d464667bcfa8b
+SHA512 (semgrep-0.107.0.tar.gz) = 2bfafe68dbae9c8ee87819c7ba5699ccb0d70c6c689f91ce6c97c220ceda2ae3d9c83806e5f6ce6e0f8e49157137b4a4459b6a687b7d303c0931b1d0ace5f2cf
+Size (semgrep-0.107.0.tar.gz) = 183597 bytes
Home |
Main Index |
Thread Index |
Old Index