Added
- Experimental support for Typescript (with -lang ts). You can currently
mainly use the Javascript subset of Typescript in patterns, as well
as type annotations in variable declarations or parameters. - Ability to read target contents from stdin by specifying "-" target.
Changed
- You can now specify timeouts using floats instead of integers
(e.g., semgrep -timeout 0.5 will timeout after half a second)
Fixed
- We now respect the -timeout when analyzing languages which have
both a Tree-sitter and pfff parser (e.g., Javascript, Go).