Added
- Support for matching multiple arguments with a metavariable (#3009)
This is done with a 'spread metavariable' operator that looks like
$...ARGS. This used to be available only for JS/TS and is now available
for the other languages (Python, Java, Go, C, Ruby, PHP, and OCaml). - A new
--optimizations [STR]command-line flag to turn on/off some
optimizations. Use 'none' to turn off everything and 'all' to turn on
everything.
Just using--optimizationsis equivalent to--optimizations all, and
not using--optimizationsis equivalent to--optimizations none. - JS/TS: Support '...' inside JSX text to match any text, as in
<a href="foo">...</a>(#2963) - JS/TS: Support metavariables for JSX attribute values, as in
<a href=$X>some text</a>(#2964)
Fixed
- Python: correctly parsing fstring with multiple colons
- Ruby: better matching for interpolated strings (#2826 and #2949)
- Ruby: correctly matching numbers
Changed
- Add required executionSuccessful attribute to SARIF output (#2983)
Thanks to Simon Engledew - Remove jsx and tsx from languages, just use javascript or typescript (#3000)
- Add limit max characters in output line (#2958) and add
flag to control maxmium characters (defaults to 160).
Thanks to Ankush Menat