Skip to content

Update dependency semgrep to >=1.124,<1.125 #1067

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency semgrep to >=1.124,<1.125 #1067

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 5, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
semgrep >=1.123,<1.124 -> >=1.124,<1.125 age adoption passing confidence

Release Notes

returntocorp/semgrep (semgrep)

v1.124.0

Compare Source

Added
  • Parallelizes rule validation to improve performance when scanning with many rule files. (SAF-2061)
  • Semgrep should now respect ALL_PROXY, HTTP_PROXY, HTTPS_PROXY,
    NO_PROXY, PROXY_USERNAME and PROXY_PASSWORD for all networking (including
    that done via the OCaml components). Moreover, the environment variable
    OCAML_EXTRA_CA_CERTS should now allow additional CA certs to be used for
    network operations done by OCaml components. (code-8157)
Fixed
  • Stop attempting to parse build.gradle.kts files as build.gradle. (SC-2209)
  • Taint rules using the experimental feature labels, and specifying sinks
    with a requires: of the form not A, could produce findings with an empty
    list of traces, potentially causing a crash. We now recognize the issue and
    prevent the crash from happening. (code-8531)
  • Fixed inconsistency where the empty Python fstring f"" was not matched by the pattern "...". (gh-10047)
  • Fixed bug where dev depenencies (and their dependencies, and so on) were incorrectly marked as "transitivity: unknown" when parsing package-lock.json projects, specifically v3 lockfiles. (gh-4003)
  • Fixed scenario where a multiplication expression of ints was not considered an int. This will help with metavariable-type. Concretely, "2 * groups" was not considered an int, where groups is an int. Additionally adds type inference for mod, floor division, and pow. (gh-9855)
  • pro: python: Fixed a regression that could (in rare cases) cause naming to take a
    disproportionate amount of time significantly slowing down scans. (saf-1978)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from d8a0136 to 8fa7250 Compare June 6, 2025 13:05
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jun 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drdavella drdavella Awaiting requested review from drdavella drdavella is a code owner

@andrecsilva andrecsilva Awaiting requested review from andrecsilva andrecsilva is a code owner

@clavedeluna clavedeluna Awaiting requested review from clavedeluna clavedeluna is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants