taint-mode: Sanitizers that exactly match a source or a sink are filtered out,
making it possible to use - pattern: $F(...) to declare that any other
function is a sanitizer
taint-mode: Remove the built-in source source(...) and the built-in sanitizer sanitize(...), which were used for convenience during early development. They were causing
some unexpected behavior in real code that, e.g., had a function called source!
Improved Kotlin parsing from 77% to 90% on our Kotlin corpus.
Resolution of rulesets (i.e. p/ci) uses the new rule CDN and does client-side hydration
Set the PCRE recursion limit so it will not vary with different installations of PCRE
Better PCRE error handling in semgrep-core
Fixed
taint-mode: Fixed bug where a tainted sink could go unreported when the sink is
a specific argument in a function call
PHP: allows more keywords as valid field names (#3954)
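
An added example (not from the Semgrep project) of the sanitizer filtering described in the first taint-mode entry: a rule that declares every function other than the source and the sink to be a sanitizer. The function names get_user_input, run_query and escape are hypothetical, and the source is declared explicitly because the built-in source(...) and sanitize(...) are removed.

```yaml
# Added example, not from the Semgrep project. get_user_input, run_query and
# escape are hypothetical function names.
rules:
  - id: unsanitized-input-to-query
    mode: taint
    languages: [python]
    severity: WARNING
    message: Data from get_user_input() reaches run_query() without passing through another function
    pattern-sources:
      # Declared explicitly: the built-in source(...) no longer exists.
      - pattern: get_user_input(...)
    pattern-sinks:
      - pattern: run_query(...)
    pattern-sanitizers:
      # $F(...) also matches get_user_input(...) and run_query(...) exactly;
      # those matches are filtered out, so only other calls act as sanitizers.
      - pattern: $F(...)

# Expected on this constructed Python target, per the entry above:
#   run_query(get_user_input())          # finding: no other call in between
#   run_query(escape(get_user_input()))  # no finding: escape(...) matches $F(...)
```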