Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update returntocorp/semgrep docker tag to v1.46.0 #709

Merged
merged 1 commit into from
Oct 24, 2023
Merged

chore(deps): update returntocorp/semgrep docker tag to v1.46.0 #709

merged 1 commit into from
Oct 24, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 24, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
returntocorp/semgrep container minor 1.45.0 -> 1.46.0

Release Notes

returntocorp/semgrep (returntocorp/semgrep)

v1.46.0

Compare Source

Added
  • semgrep install-semgrep-pro now takes an optional --custom-binary flag to install the specified semgrep-core-proprietary binary rather than downloading it. (custom-pro-binary)
Fixed

  • pyproject.toml parser now handles optional newlines right after section headers. (gh-10879)

  • Updated the parsers for poetry.lock, pipfile.lock, and requirements.txt to ignore case sensitivity from package names.
    This matches their respective specifications. Test cases were added to account for this change. (gh-8984)

  • Reduced the limits for the prefilter optimization so that rules that cause
    computing the prefilter to blow up will abort more quickly. This improves
    performance by 2-3 seconds for each of the slowest rules. May cause a
    slowdown if a rule that previously could be filtered out no longer will be,
    but based on testing this is unlikely. (gh-9040)

  • Fixed issue where conditional expressions aren't handled properly in expression based language.

    Rust example:

    Before:

    fn expr_stmt_if(c) {
  y = 0;
  x = if c { y = 1 };

  // Before: this matches when it shouldn't because y is not always 1.
  // After: this does not match, which is the correct behavior.
  y == 1;
}
``` (pa-3205)

  • Fixed type error in creation of DependencyParserError object in the pnpm-lock.yaml parser (sc-1115)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot enabled auto-merge October 24, 2023 20:17
@github-actions
Copy link
Contributor

Test results

16 tests  ±0   16 ✔️ ±0   0s ⏱️ ±0s
  2 suites ±0     0 💤 ±0 
  1 files   ±0     0 ±0 

Results for commit 232eb35. ± Comparison against base commit 5a690b4.

@github-actions
Copy link
Contributor

Pull Request Test Coverage Report for Build 6632097587

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 43.064%
Totals Coverage Status
Change from base Build 6630747851: 0.0%
Covered Lines: 298
Relevant Lines: 692
💛 - Coveralls

@renovate renovate bot merged commit 7c91948 into main Oct 24, 2023
17 checks passed
@renovate renovate bot deleted the renovate/returntocorp-semgrep-1.x branch October 24, 2023 20:22
@kristof-mattei
Copy link
Owner

🎉 This PR is included in version 1.2.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kristof-mattei