Merged
Conversation
corneliuhoffman
approved these changes
Dec 10, 2025
Contributor
corneliuhoffman
left a comment
There was a problem hiding this comment.
Happy with it, maybe just add a let with another pattern to the test and call this G.faske "pattern" or something
| | Some (rules, target, xlang) -> ( | ||
| (* expected *) | ||
| (* not tororuleid! not ok:! not todook: | ||
| (* not todoruleid! not ok:! not todook: |
src/analyzing/AST_to_IL.ml
Outdated
| (* Convert to switch(e) { pat -> if_branch, _ -> else_branch }. *) | ||
| let cond_opt = Some (G.Cond e) in | ||
| let if_case_and_body = | ||
| G.CasesAndBody ([ G.Case (G.fake "some", pat) ], st1) |
Contributor
There was a problem hiding this comment.
seems to me this is specially for a Some pattern no? what if it is a different pattern?
Contributor
There was a problem hiding this comment.
In fact I just realised that these are fine bc of Naming ... I only object to the "some" here :)
Collaborator
Author
There was a problem hiding this comment.
I just call it "case" now, it does not matter what name it has, and there is a function in Generic AST that uses that name.
For tainting to work, we treat Rust's LetCond, for example in
code like `if let Some(x) = e {if_branch} else {else_branch}`,
similarly to a LetPattern.
Specifically, the above `If` becomes a `G.Switch` with a condition on
`e`, then a pattern `Some(x) => if_branch` and `G.PatWilcard =>
else_branch`.
The tainting_rules test were not running.
ae7369b to
184a394
Compare
Merged
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Dec 18, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [opengrep/opengrep](https://github.com/opengrep/opengrep) | minor | `v1.12.1` -> `v1.13.2` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>opengrep/opengrep (opengrep/opengrep)</summary> ### [`v1.13.2`](https://github.com/opengrep/opengrep/releases/tag/v1.13.2): Opengrep 1.13.2 [Compare Source](opengrep/opengrep@v1.13.1...v1.13.2) #### Improvements - C#: Add matching on function argument modifiers (ref, in, scoped, etc.) by [@​maciejpirog](https://github.com/maciejpirog) in [#​494](opengrep/opengrep#494) - C#: Support extension blocks by [@​maciejpirog](https://github.com/maciejpirog) in [#​496](opengrep/opengrep#496) #### Release process - Validate tag input on release by [@​lae](https://github.com/lae) in [#​493](opengrep/opengrep#493) **Full Changelog**: <opengrep/opengrep@v1.13.1...v1.13.2> ### [`v1.13.1`](https://github.com/opengrep/opengrep/releases/tag/v1.13.1): Opengrep 1.13.1 [Compare Source](opengrep/opengrep@v1.12.1...v1.13.1) #### Improvements - Improve handling of patterns and `AST_to_IL` translation by [@​dimitris-m](https://github.com/dimitris-m) in [#​483](opengrep/opengrep#483) - Improve rust tainting by [@​dimitris-m](https://github.com/dimitris-m) in [#​485](opengrep/opengrep#485) - Dump generic AST to HTML by [@​maciejpirog](https://github.com/maciejpirog) in [#​484](opengrep/opengrep#484) - Modernise C# by [@​maciejpirog](https://github.com/maciejpirog) in [#​487](opengrep/opengrep#487) #### Bug fixes - Fix for kotlin double-annotation bug by [@​maciejpirog](https://github.com/maciejpirog) in [#​480](opengrep/opengrep#480) - Fix PCRE2 test making OSX build fail by [@​dimitris-m](https://github.com/dimitris-m) in [#​486](opengrep/opengrep#486) - Fix: in `LetPattern(pat, e)`, `e` should be visited first by [@​dimitris-m](https://github.com/dimitris-m) in [#​488](opengrep/opengrep#488) #### CI fixes - Force python 3.13 for osx binary workflow by [@​dimitris-m](https://github.com/dimitris-m) in [#​490](opengrep/opengrep#490) ##### Notes - Version 1.13.0 ([#​489](opengrep/opengrep#489)) intentionally skipped due to CI errors, fixed in [#​490](opengrep/opengrep#490). **Full Changelog**: <opengrep/opengrep@v1.12.1...v1.13.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41Ny4xIiwidXBkYXRlZEluVmVyIjoiNDIuNTcuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90Il19-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We now correctly propagate taint when using
if letFor example this target:
will test as expected with this rule:
Other fixes
tainting_tests/were not running.