You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
New iteration of taint-mode that allows to specify sources/sanitizers/sinks
using arbitrary pattern formulas. This provides plenty of flexibility. Note
that we breaks compatibility with the previous taint-mode format, e.g. - source(...) must now be written as - pattern: source(...).
HTML experimental support. This does not rely on the "generic" mode
but instead really parses the HTML using tree-sitter-html. This allows
some semantic matching (e.g., matching attributes in any order).
New matching option implicit_ellipsis that allows disabling the implicit ... that are added to record patterns, plus allow matching "spread fields"
(JS ...x) at any position (#3120)
Support globstar (**) syntax in path include/exclude (#3173)
Fixed
Apple M1: Semgrep installed from HomeBrew no longer hangs (#2432)
Ruby command shells are distinguished from strings (#3343)