pypi semgrep 1.66.0
Release v1.66.0

latest releases: 1.95.0, 1.94.0, 1.93.0...
7 months ago

1.66.0 - 2024-03-19

Added

  • Added information about interfile pre-processing to --max-memory help. (gh-9932)
  • We've implemented basic support for the yield keyword in Python. The Pro
    engine now detects taint findings from taint sources returned by the yield
    keyword. (saf-281)

Changed

  • osemgrep --remote will no longer clone into a tmp folder, but instead the CWD (cdx-remote)

  • [IMPORTANT] Inter-file differential scanning is now enabled for all Pro users.

    Inter-file differential scanning is now enabled for all Pro users. While it may
    take longer than intra-file differential scanning, which is the current default
    for pro users, it offers deeper analysis of dataflow paths compared to
    intra-file differential scanning. Additionally, it is significantly faster
    than non-differential inter-file scanning, with scan times reduced to
    approximately 1/10 of the non-differential inter-file scan. Users who
    enable the pro engine and engage in differential PR scans on GitHub or
    GitLab may experience the impact of this update. If needed, users can
    revert to the previous intra-file differential scan behavior by configuring
    the --no-interfile-diff-scan command-line option. (saf-268)

Fixed

  • The official semgrep docker image does not contain anymore the
    bash, jq, and curl utilities, to reduce its attack surface. (saf-861)

Don't miss a new semgrep release

NewReleases is sending notifications on new releases.