Added
- Support for method chaining patterns in Python, Golang, Ruby,
and C# (#4300), so all GA languages now have method chaining - Scala: translate infix operators to generic AST as method calls,
so$X.map($F)matchesxs map f - PHP: support method patterns (#4262)
Changed
- Add
profiling_timesobject in--time --jsonoutput for more fine
grained visibility into slow parts of semgrep - Constant propagation: Any kind of Python string (raw, byte, or unicode) is
now evaluated to a string literal and can be matched by"..."(#3881)
Fixed
- Ruby: blocks are now represented with an extra function call in Generic so that
bothf(...)andf($X)correctly matchf(x)inf(x) { |n| puts n }(#3880) - Apply generic filters excluding large files and binary files to
'generic' and 'regex' targets as it was already done for the other
languages. - Fix some Stack_overflow when using -filter_irrelevant_rules (#4305)
- Dataflow: When a
switchhad no other statement following it, and the last
statement of theswitch'sdefaultcase was a statement, such asthrow,
that can exit the execution of the current function, this causedbreak
statements within theswitchto not be resolved during the construction of
the CFG. This could led to e.g. constant propagation incorrectly flagging
variables as constants. (#4265)