Skip to content

elixir: fix map destructuring in function parameters#637

Merged
dimitris-m merged 4 commits into
mainfrom
dm/elixir-param-pattern
Apr 3, 2026
Merged

elixir: fix map destructuring in function parameters#637
dimitris-m merged 4 commits into
mainfrom
dm/elixir-param-pattern

Conversation

@dimitris-m
Copy link
Copy Markdown
Collaborator

@dimitris-m dimitris-m commented Apr 3, 2026

Summary

  • Replace OtherParam with ParamPattern for Elixir map-destructured function parameters, enabling taint analysis to track data flow through %{"key" => val} and %{key: val} patterns.
  • Translate => as keyval (Container(Tuple, ...)) instead of Call(Id("=>"), ...), matching the existing keyword pair representation.
  • Wrap map items in OtherExpr("MapPairArrow")/OtherExpr("MapPairKeyword") so search patterns can distinguish the two syntactic forms.
  • Add Container(Dict) and OtherExpr cases to expr_to_pattern; unwrap the map pair tags in AST_to_IL for Elixir.

Test plan

  • All 5491 core tests pass (1 pre-existing unrelated fetch failure).
  • New dots_arrow_map test: arrow-syntax map patterns match arrow maps, reject keyword maps.
  • Updated dots_kw_map test: keyword-syntax map patterns match keyword maps, reject arrow maps.

@dimitris-m
elixir: use ParamPattern for map destructuring in function params
eca4656 
Replace G.OtherParam with G.ParamPattern for OtherParamExpr and
OtherParamPair in the Elixir-to-generic translation. Add
Container(Dict) handling in expr_to_pattern so map patterns convert
to PatList rather than falling through to opaque OtherPat.
@dimitris-m
elixir: distinguish arrow vs keyword map pairs, translate => as keyval
0e4b472 
Translate the => operator as keyval (Container(Tuple, ...)) instead of
Call(Id("=>"), ...) so arrow pairs share the same structure as keyword
pairs. Wrap map items in OtherExpr("MapPairArrow")/OtherExpr("MapPairKeyword")
to preserve syntax distinction for pattern matching. Add OtherExpr-to-OtherPat
conversion in expr_to_pattern, and unwrap the tags in AST_to_IL for Elixir.
@dimitris-m
tests: arrow vs keyword map pattern distinction in Elixir
1ccb7a5 
Add dots_arrow_map test for arrow-syntax map patterns. Both tests
include negative cases proving the two forms do not cross-match.
@dimitris-m
Copy link
Copy Markdown
Collaborator Author

dimitris-m commented Apr 3, 2026

I will add a taint test before merging

@corneliuhoffman
Copy link
Copy Markdown
Contributor

corneliuhoffman commented Apr 3, 2026

I will add a taint test before merging

That was my only suggestion here

corneliuhoffman
corneliuhoffman approved these changes Apr 3, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@corneliuhoffman corneliuhoffman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will add a taint test before merging

That was my only suggestion here

@dimitris-m dimitris-m merged commit d469287 into main Apr 3, 2026
3 checks passed
@dimitris-m dimitris-m deleted the dm/elixir-param-pattern branch April 3, 2026 14:29
This was referenced Apr 3, 2026
Merged
Merged
Merged
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Apr 8, 2026
build(deps): update opengrep/opengrep to v1.18.0
edf1a90 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [opengrep/opengrep](https://github.com/opengrep/opengrep) | minor | `v1.16.5` → `v1.18.0` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>opengrep/opengrep (opengrep/opengrep)</summary>

### [`v1.18.0`](https://github.com/opengrep/opengrep/releases/tag/v1.18.0): Opengrep 1.18.0

[Compare Source](opengrep/opengrep@v1.17.0...v1.18.0)

#### Improvements

- Elixir: Updates to syntax (part 1) by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;642](opengrep/opengrep#642)
- Elixir: Updates to syntax (part 2) by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;646](opengrep/opengrep#646)

**Full Changelog**: <opengrep/opengrep@v1.17.0...v1.18.0>

### [`v1.17.0`](https://github.com/opengrep/opengrep/releases/tag/v1.17.0): Opengrep 1.17.0

[Compare Source](opengrep/opengrep@v1.16.5...v1.17.0)

#### Improvements

- Treat nested functions as lambdas by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;621](opengrep/opengrep#621)
- Tainting: per-arity signature extraction for Clojure and Elixir by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;582](opengrep/opengrep#582)
- Dockerfile: Preprocess for better line continuations and comments by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;633](opengrep/opengrep#633)
- Elixir: fix map destructuring in function parameters by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;637](opengrep/opengrep#637)
- Elixir: fix taint propagation through map value expressions by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;640](opengrep/opengrep#640)
- Support chained method calls on constructor results with --taint-intrafile by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;638](opengrep/opengrep#638)

#### Bug fixes

- Fix(Ruby): zero argument method call syntax by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;626](opengrep/opengrep#626)
- Fix: proper constructor taint analysis by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;628](opengrep/opengrep#628)
- Fix: Elixir scanner CRLF handling by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;639](opengrep/opengrep#639)

#### Refactoring

- Refactoring of AST-to-IL, Step 1 by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;622](opengrep/opengrep#622)

#### Developer tooling

- Pretty-print IL in C-style syntax by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;623](opengrep/opengrep#623)

#### Installation

- Improve error reporting in install.sh by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;620](opengrep/opengrep#620)

#### Security

- \[Aikido] AI Fix for Template Injection in GitHub Workflows Action by [@&#8203;aikido-autofix](https://github.com/aikido-autofix)\[bot] in [#&#8203;624](opengrep/opengrep#624)
- \[Aikido] AI Fix for 3rd party Github Actions should be pinned by [@&#8203;aikido-autofix](https://github.com/aikido-autofix)\[bot] in [#&#8203;625](opengrep/opengrep#625)

**Full Changelog**: <opengrep/opengrep@v1.16.5...v1.17.0>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDQuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEwNC44IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiLCJhdXRvbWF0aW9uOmJvdC1hdXRob3JlZCIsImRlcGVuZGVuY3ktdHlwZTo6bWlub3IiXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@corneliuhoffman corneliuhoffman corneliuhoffman approved these changes

@maciejpirog maciejpirog maciejpirog approved these changes

@willem-delbare willem-delbare Awaiting requested review from willem-delbare willem-delbare is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dimitris-m @corneliuhoffman @maciejpirog