Conversation
Used by: semgrep/semgrep-proprietary#3437. Won't merge until the PR that uses it also is approved. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
I don't like polymorphic variants (`Xxx) and prefer classic variants. Also rename transitivity to dependency_kind test plan: see related PR in semgrep - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
pattern-sinks:
- patterns:
- pattern: $OBJ.foo($SINK, $ARG1)
- focus-metavariable: $SINK
requires:
- $SINK: TAINT
- $OBJ: OBJ
- $ARG1: ARG1
Required-by: semgrep/semgrep-proprietary#3414
Previously, TR assumed that all source code for a dependency was contained in a single folder. However, pip unpacks packages into potentially multiple folders. To support `uv` and other python package managers, we need to allow specifying source files directly. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
test plan: see related PR in semgrep - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
This is to support the new `--semgrepignore-filename` option: semgrep/semgrep-proprietary#3680 - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
Context at: semgrep/semgrep-proprietary#3898 - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
I'm adding a Bun lockfile matcher, which needed an update to `semgrep-interfaces`. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
…(#381) this adds a new parameter to control whether the transitive reachability scan uses the cache since we haven't rolled out the transitive reachability logic yet, I don't *think* we need to worry about backwards compatibility; if we do, we can presumably just give the new parameter a default value of `true` - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
Adds another checkbox to remind people to ensure that their accompanying semgrep-pro PRs are ready to merge before merging the semgrep-interfaces PR. This will hopefully help avoid situations where later changes to semgrep-interfaces cannot be used in semgrep-pro. - [ ] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [ ] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
…(#382) This adds a lot of ppx_deriving.ord annotations allowing us to sort results deterministically as opposed to the lazy approach where we'd omit fields when sorting a list of results. No types have changed. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
Adds information about subprojects and dependency resolution to the scan JSON output. This is intended to be available only for logged-in users. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged --------- Co-authored-by: Claude <noreply@anthropic.com>
Adds a feature to allow enabling TR from the app. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
As discussed in SAF-2057, semgrep_app will use this flag to indicate to the CLIs when FIPS-compliant hashing is required for, in particular, match-based IDs. test plan: this has been run locally with semgrep-app and semgrep-core (details [here](semgrep/semgrep-proprietary#4080).) Since the change to the IDL files is only an optional field, we should be backward-compatible with previous versions. The accompanying changes for [semgrep-proprietary](https://github.com/semgrep/semgrep-proprietary/actions/runs/15693843980/job/44214806689?pr=4080) and [semgrep-app](semgrep/semgrep-app#21648) will not be merged until this PR is merged. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
The original implementation of SAF-2057 tracked `fips_mode` in `core_match_extra`, but this was removed during the review process; the interfaces submodule was only updated locally but the change was never pushed up. This patch does so. This flag was never used by any semgrep releases so is safe to remove. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
…ring (#375) The ppath of a target file is its path relative to the project root identified on the OCaml side during target discovery (`Find_targets` module). It is now returned to pysemgrep so that rule filtering based on the paths.include/exclude patterns can take place correctly (as per the Semgrepignore/Gitignore spec) on the ppaths in Python and then again in OCaml when the targets are sent to semgrep-core. Goes with semgrep/semgrep-proprietary#3859 - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
We want to calculate the merge base via the app (and SCM connections), when doing a diff scan, if possilbe. This PR adds two fields, one to send what the head commit of the base branch is, and one to optionally receive the merge base from the app.
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check)
- [x] I made sure we're still backward compatible with old versions of the CLI.
For example, the Semgrep backend need to still be able to *consume* data
generated by Semgrep 1.50.0.
See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
Note that the types related to the semgrep-core JSON output or the
semgrep-core RPC do not need to be backward compatible!
- [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
…395) Copy of semgrep/semgrep-interfaces#393 since it seems permissions are needed to post the comment. This will unblock the PR, and we can figure out how to fix it for next time - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
### Description To reduce CLI scan startup times, we are going to compress the scan config before sending it from the backend to the CLI. In order to be backwards compatible, we are adding an optional `compress_config` parameter so the CLI clients can opt in to response compression when they upgrade. ### Testing Working on a local semgrep CLI -> local Semgrep app test for this change. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
Off by one on the comment. - [ ] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [ ] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
Adds statistics about prefiltering to the quick profiling stats Iago recently added.
### Description Reverting semgrep/semgrep-interfaces#397 because we have a better solution that does not need this parameter. I talked with @salolivares and we think this might be fine even though it's not backwards compatible because neither the server nor the CLI ever actually started using this parameter. But I'm actually not 100% on if it's ok to make a non backwards compatible change even if the parameter was never set or read by anyone so I'd be interested to hear from someone who could confirm that. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged - semgrep/semgrep-app#23008 - semgrep/semgrep-proprietary#4481
…ontributor processing (#401) # Description To support processing contributors, we want to associate each contribution with the driving scan for billing. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [N/A] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
…ace (#402) We were previously relying on the caller of this RPC to only call it when `allow-local-builds` was enabled. But as we start to do more non-dynamic lockfile parsing in OCaml, this becomes less feasible and more prone to mistakes. This PR passes the flag through the RPC call so that the OCaml code can decide itself which resolution method to use. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make`to update the generated code after editing a `.atd`file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to _consume_data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary`are approved and ready to merge once this PR is merged
- [X] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [X] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [X] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged SAF-1953
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check)
- [x] I made sure we're still backward compatible with old versions of the CLI.
For example, the Semgrep backend need to still be able to *consume* data
generated by Semgrep 1.50.0.
See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
Note that the types related to the semgrep-core JSON output or the
semgrep-core RPC do not need to be backward compatible!
- [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
### Description Working on improving performance of scans that include SCA rules by allowing the CLI to pre-scan a repo to determine what packages and ecosystems are in use and providing those as filter options to dramatically reduce the number of rules returned. ### Testing Working E2E locally with `semgrep-app` and `semgrep-proprietary` pointing at this branch - `semgrep-app` PR semgrep/semgrep-app#23424 - `semgrep-proprietary` PR semgrep/semgrep-proprietary#4623
I couldn't revert this normally through github for some reason 🤷 - [X] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [X] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [X] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to _consume_ data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to _consume_ data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged PR in `semgrep-proprietary`: semgrep/semgrep-proprietary#4810
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to _consume_ data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged PR in `semgrep-proprietary`: semgrep/semgrep-proprietary#4823
- [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check)
- [x] I made sure we're still backward compatible with old versions of the CLI.
For example, the Semgrep backend need to still be able to *consume* data
generated by Semgrep 1.50.0.
See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
Note that the types related to the semgrep-core JSON output or the
semgrep-core RPC do not need to be backward compatible!
- [ ] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
…ep (#419) This is for supporting the `--x-simple-profiling` [option in pysemgrep](https://app.graphite.com/github/pr/semgrep/semgrep-proprietary/4941/Add---simple-profiling-option-to-pysemgrep) which collects and aggregates profiling results from semgrep-core. - [x] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [x] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible! - [x] Any accompanying changes in `semgrep-proprietary` are approved and ready to merge once this PR is merged
Update main branch with latest changes from semgrep/semgrep-interfaces
mtmvu
approved these changes
Nov 18, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
make setup && maketo update the generated code after editing a.atdfile (TODO: have a CI check)For example, the Semgrep backend need to still be able to consume data
generated by Semgrep 1.50.0.
See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
Note that the types related to the semgrep-core JSON output or the
semgrep-core RPC do not need to be backward compatible!