Experimental baseline scanning. Run with --baseline-commit GIT_COMMIT to only
show findings that currently exist but did not exist in GIT_COMMIT
Changed
Scans now report a breakdown of how many target paths were skipped for what reason.
--verbose mode will list all skipped paths along with the reason they were skipped
Performance: send all rules directly to semgrep-core instead of invoking semgrep-core
for each rule, reducing the overhead significantly. Other changes resulting from this:
SARIF output now includes all rules run. Error messages use the full path of rules.
Progress bar reports by file instead of by rule
The minimum Python version required to run semgrep is now 3.7 instead of the EOL 3.6
Bloom filter optimization now considers import module file names, thus
speeding up matching of patterns like import { $X } from 'foo'
Indentation is now removed from matches to conserve horizontal space
Fixed
TypeScript: Patterns E as T will be matched correctly. E.g. previously
a pattern like v as $T would match v but not v as any; now it
correctly matches v as any but not v. (#4515)
Highlighting has been restored for matching code fragments within a finding