You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Java: Add partial support for synchronized blocks in the dataflow IL (#4150)
Dataflow: Add partial support for await, yield, &, and other expressions
Field-definition-as-assignemnt equivalence that allows matching expression
patterns against field definitions. It is disabled by default but can be
enabled via rule options: with flddef_assign: true (#4187)
Arrows (a.k.a short lambdas) patterns used to match also regular function
definitions. This can now be disabled via rule options: with arrow_is_function: false (#4187)
Javascript variable patterns using the 'var' keyword used to also
match variable declarations using 'let' or 'const'. This can now be
disabled via rule options: with let_is_var: false
Fixed
Constant propagation: In a method call x.f(y), if x is a constant then
it will be recognized as such
Go: match correctly braces in composite literals for autofix (#4210)
Go: match correctly parens in cast for autofix (#3387)
Go: support ellipsis in return type parameters (#2746)
Scala: parse case object within blocks
Scala: parse typed patterns with variables that begin with an underscore: case _x : Int => ...
Scala: parse unicode identifiers
semgrep-core accepts sh as an alias for bash
pattern-regex: Hexadecimal notation of Unicode code points is now
supported and assumes UTF-8 (#4240)
pattern-regex: Update documentation, specifying we use PCRE (#3974)
Scala: parse nullary constructors with no arguments in more positions
Scala: parse infix type operators with tuple arguments
Scala: parse nested comments
Scala: parse case class within blocks
metavariable-comparison: if a metavariable binds to a code variable that
is known to be constant, then we use that constant value in the comparison (#3727)
Expand ~ when resolving config paths
Changed
C# support is now GA
cli: Only suggest increasing stack size when semgrep-core segfaults
Semgrep now scans executable scripts whose shebang interpreter matches the
rule's language