Update dependency semgrep to v1.32.0

This MR contains the following updates:

| Package | Update | Change |
|---------|--------|--------|
| semgrep | minor | 1.31.0 -> 1.32.0 |
| semgrep | minor | ==1.31.0 -> ==1.32.0 |

Release Notes

returntocorp/semgrep

v1.32.0

1.32.0 - 2023-07-13
Added
  • feat(docker): Create a semgrep user for our docker container so that people can run it as a non-root user (gh-8116)

  • feat(typed metavar): Typed metavariable support for Rust

    Users can create TypedMetavar using Rust's type annotation syntax `:`. For example, the following rule matches variables of type HttpResponseBuilder:

    ```yaml
    rules:
    - id: no-direct-response-write
      patterns:
      - pattern: '($BUILDER : HttpResponseBuilder).body(...)'
      - pattern-not: '($BUILDER : HttpResponseBuilder).body("...".to_string())'
      message: find dangerous codes
      severity: WARNING
      languages: [rust]
    ```

    (gh-8200)
Fixed
  • baseline scans reporting on existing findings (baseline-supply-chain)
  • Fixed an issue leading to incorrect autofix results involving JS/TS async arrow functions (e.g. async () => {}, etc.). (gh-7353)
  • Workaround for rootless containers as git operations may fail due to dubious ownership of /src (gh-8267)

v1.31.2

No significant changes.

v1.31.1

No significant changes.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by renovate