Kurt Boberg
Kurt Boberg
**Describe the bug** Semgrep does not appear to handle metavariables in Python decorators correctly. I would expect to be able to capture e.g. a Flask route as such: ``` $F...
**Describe the bug** YAML parser doesn't completely capture literal metavariables For a pattern: ```yaml pattern: | cwe: - "$A" ``` with a target ```yaml cwe: - 'CWE-94: Improper Control of...
**Describe the bug** #9598 introduced a regression where pre-commit configs were not being ignored by `semgrep --validate --config` **To Reproduce** Run `semgrep --validate --config .` in the root of https://github.com/semgrep/semgrep-rules...
**Describe the bug** Semgrep's Java parser does not treat e.g. 999L as a numerical value when doing comparisons. This is the "correct" way to express a Java long as an...
**Describe the bug** Test annotations with inline PHP: `` appear to parse with the terminating `?>` expression. Playground results don't seem to reproduce this error: https://semgrep.dev/playground/s/wdLW0 However, the CLI is...
## Pull Request (PR) Checklist **Short Description**: Refactor the Postgres datastore delete implementation to use parameterized queries. **Issue(s) Linked**: N/A **Branch**: Branch in fork: https://github.com/kurt-r2c/chatgpt-retrieval-plugin/tree/kb/postgres-delete-parameterized-query **Code Changes & Tests**: Minimal...
### Describe the bug On OS X Ventura (13.0) or later, the Courier font is missing its `OS/2` table, probably due to licensing decisions made by Apple. This causes the...
**Describe the bug** Semgrep throws an error when parsing (valid) python 3.11 patterns using error groups. Additionally, it throws a non-blocking error parsing 3.11 *targets* using error groups. https://peps.python.org/pep-0654/ **To...
**Describe the bug** Parser engine throws up when parsing patterns with explicit private attributes, e.g. ```yaml rules: - id: parser-doesnt-like-private-attributes pattern: | #$ATTR(...) { ... } message: Semgrep found a...
**Describe the bug** When running a rule with a `languages` list with `generic` and at least one other language causes a parser error with: `invalid language unsupported language: generic` **To...