pkgsrc-WIP-changes archive


semgrep{,-core}: Update to 0.107.0



Module Name:	pkgsrc-wip
Committed By:	Leonardo Taccari <leot%NetBSD.org@localhost>
Pushed By:	leot
Date:		Wed Aug 3 17:39:44 2022 +0200
Changeset:	1e61bb44bcd3bf8c49dc3a8f826ad0172740e00b

Modified Files:
	semgrep-core/Makefile
	semgrep/Makefile
	semgrep/PLIST
	semgrep/distinfo

Log Message:
semgrep{,-core}: Update to 0.107.0

Changes:

- Added metadata in App-connected scans to report extensions of
  files that do not match the language of any enabled rules in order
  to enable more effective language prioritization while developing
  new rules.
- Support fail-open in CI: adds --suppress-errors/--no-suppress-errors
  (defaults to --no-suppress-errors)
- New language Elixir with experimental support. (gh-3698)
- Kotlin: support for ellipsis in field access (e.g., `obj. ... .bar()`)
- Changed `semgrep-core` so that it can now be run with `-rules` on `.yaml`
  files which do not have a top-level `rules: ...` key. This means you can now
  copy paste from the playground editor directly into a `.yaml` file for use
  with `semgrep-core`.
- Add experimental support for _taint labels_, that is the ability to attach
  labels to different kinds of taint. Both sources and sinks can restrict what
  labels are present in the data that passes through them in order to apply.
  This allows to write more complex taint rules that previously required ugly
  workarounds. Taint labels are also useful for writing certain classes of
  typestate analyses (e.g., check that a file descriptor is not used after
  being closed).
- Introduced the `--dataflow-traces` flag, which directs the Semgrep CLI to
  explain how non-local values lead to a finding. Currently, this only applies
  to taint mode findings and it will trace the path from the taint source to
  the taint sink.

- Made breaking changes to the dataflow_trace JSON output to make
  it more easily consumable by the App. Added content for taint_source
  and intermediate_vars, and collapsed the multiple taint_source
  locations into one.
- Removed the unique_id field from the semgrep (and semgrep-core) JSON output
  for metavariables.

- Fixed format of repository urls so links to findings can be properly
  displayed on semgrep.dev
- Scala: Allow metavariables in `import` patterns
- Rules reported for LSP metrics now are hashed before sending
- `-filter_irrelevant_rules` was incorrectly skipping files when
  the PCRE engine threw an error, while trying to match a regex
  that determines whether a rule is relevant for a file. This has
  been fixed so that, in case of a PCRE error, we assume that the
  rule could be relevant and we do run it on the file.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=1e61bb44bcd3bf8c49dc3a8f826ad0172740e00b

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 semgrep-core/Makefile | 2 +-
 semgrep/Makefile      | 2 +-
 semgrep/PLIST         | 3 +++
 semgrep/distinfo      | 6 +++---
 4 files changed, 8 insertions(+), 5 deletions(-)

diffs:
diff --git a/semgrep-core/Makefile b/semgrep-core/Makefile
index a058f33a71..a475ede9cf 100644
--- a/semgrep-core/Makefile
+++ b/semgrep-core/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD$
 
-DISTNAME=	semgrep-core-0.106.0
+DISTNAME=	semgrep-core-0.107.0
 PKGREVISION=	0
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_GITHUB:=returntocorp/}
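Review bot: DISTNAME moves to semgrep-core-0.107.0 in this hunk, but the Modified Files list and the diffstat contain no semgrep-core/distinfo, while semgrep/distinfo is updated in the same commit. If semgrep-core has a distinfo, its checksums still describe the 0.106.0 distfile and the checksum stage will reject the new tarball; regenerate it with make makesum and commit it together with this bump. The unchanged PKGREVISION= 0 line can also be dropped on a version update.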
diff --git a/semgrep/Makefile b/semgrep/Makefile
index 0c7a9cf48f..5f4314a509 100644
--- a/semgrep/Makefile
+++ b/semgrep/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD$
 
-DISTNAME=	semgrep-0.106.0
+DISTNAME=	semgrep-0.107.0
 CATEGORIES=	devel python
 MASTER_SITES=	${MASTER_SITE_PYPI:=s/semgrep/}
 
diff --git a/semgrep/PLIST b/semgrep/PLIST
index f2d8c5a788..1bcff54034 100644
--- a/semgrep/PLIST
+++ b/semgrep/PLIST
@@ -112,6 +112,9 @@ ${PYSITELIB}/semgrep/env.pyo
 ${PYSITELIB}/semgrep/error.py
 ${PYSITELIB}/semgrep/error.pyc
 ${PYSITELIB}/semgrep/error.pyo
+${PYSITELIB}/semgrep/error_handler.py
+${PYSITELIB}/semgrep/error_handler.pyc
+${PYSITELIB}/semgrep/error_handler.pyo
 ${PYSITELIB}/semgrep/external/__init__.py
 ${PYSITELIB}/semgrep/external/__init__.pyc
 ${PYSITELIB}/semgrep/external/__init__.pyo
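Review bot: the only PLIST change for this release is the error_handler.py entry and its .pyc/.pyo pair, added by hand between error.pyo and external/__init__.py. Regenerate the list from the staged install with make print-PLIST and diff it against this file, so that any other module added or dropped in 0.107.0 is caught before the package is built from the committed list.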
diff --git a/semgrep/distinfo b/semgrep/distinfo
index 345f32fff2..4755a3c2ea 100644
--- a/semgrep/distinfo
+++ b/semgrep/distinfo
@@ -1,5 +1,5 @@
 $NetBSD$
 
-BLAKE2s (semgrep-0.106.0.tar.gz) = 25e10c544cf74cf845cbb46a850b385b3b969b5584fb5516f19d2088b5bfcc24
-SHA512 (semgrep-0.106.0.tar.gz) = ea7b6f9678fa4e6c5f03b77db566ba9030327ff2f777aa1de11e5ba5bc7003ba28730b06c2b5f7310ef3f33fdb713d8a881d1aa647c2332a16e4f33ac1927f16
-Size (semgrep-0.106.0.tar.gz) = 180965 bytes
+BLAKE2s (semgrep-0.107.0.tar.gz) = 95bd94d6e76b968f4cd2aa1607feee6781668a934523ecf0086d464667bcfa8b
+SHA512 (semgrep-0.107.0.tar.gz) = 2bfafe68dbae9c8ee87819c7ba5699ccb0d70c6c689f91ce6c97c220ceda2ae3d9c83806e5f6ce6e0f8e49157137b4a4459b6a687b7d303c0931b1d0ace5f2cf
+Size (semgrep-0.107.0.tar.gz) = 183597 bytes
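Review bot: the replaced BLAKE2s, SHA512 and Size lines for semgrep-0.107.0.tar.gz are the only integrity anchor for this distfile, and nothing in the commit records that the fetched tarball was compared with what upstream published. Before committing, compute a SHA256 of the downloaded sdist, compare it with the digest shown on the PyPI release page, and mention that check in the log message.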

