Remove semgrep_version from project_metadata and meta from scan_request (#333)

The backend should not use those fields anymore so
we can remove them. Note that even if old versions
of semgrep are still producing those fields, it is fine
because when the backend is consuming the JSON, any unknown
field is skipped and those fields should not be used anymore.

test plan:
see related PR in semgrep


- [x] I ran `make setup && make` to update the generated code after
  editing a `.atd` file (TODO: have a CI check)
- [x] I made sure we're still backward compatible with old versions of
  the CLI.
  For example, the Semgrep backend needs to still be able to *consume* data
  generated by Semgrep 1.50.0.
  See
  https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
  Note that the types related to the semgrep-core JSON output or the
  semgrep-core RPC do not need to be backward compatible!

Co-authored-by: pad <[email protected]>
aryx and aryx authored Jan 16, 2025
1 parent 147dcde commit 41bdd7f
Showing 7 changed files with 141 additions and 258 deletions.
22 changes: 7 additions & 15 deletions semgrep_output_v1.atd
Expand Up @@ -100,6 +100,8 @@ type uuid = string wrap <ocaml module="ATD_string_wrap.Uuidm">
(* RFC 3339 format *)
type datetime = string wrap <ocaml module="ATD_string_wrap.Datetime">

type glob = string

(*****************************************************************************)
(* Versioning *)
(*****************************************************************************)
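Review bot: the relocated `type glob = string` carries no comment, while the neighbouring `datetime` alias states its format (`RFC 3339 format`). Now that the alias sits with the shared basic types instead of directly above `product_ignored_files`, add a one-line comment saying which glob syntax is expected and what it is used for, so readers do not have to search for its uses.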
Expand Down Expand Up @@ -494,6 +496,7 @@ type match_intermediate_var <python decorator="dataclass(frozen=True)"> = {
(* both ecosystem and transitivity below have frozen=True so the generated
* classes can be hashed and put in sets (see calls to reachable_deps.add()
* in semgrep SCA code)
* TODO: use <ocaml repr="classic">, and do the same for manifest
*)
type ecosystem
<python decorator="dataclass(frozen=True)">
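Review bot: the new TODO line ends with `and do the same for manifest`, which does not name a type. A separate TODO is added on `manifest_kind` later in this patch, so either name the intended type here or drop the second half of this line to avoid two notes that may or may not refer to the same thing.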
Expand Down Expand Up @@ -595,6 +598,7 @@ type dependency_child <python decorator="dataclass(frozen=True)"> = {
* the validity of a finding. No_validator is currently also used when no
* validation has yet occurred, which if that becomes confusing we
* could adjust that, by adding another state.
* TODO: use <ocaml repr="classic">
*)
type validation_state
<ocaml attr="deriving show, eq">
Expand Down Expand Up @@ -948,7 +952,7 @@ type cli_output_extra = {

type config_error_reason = [
| UnparsableRule <json name="unparsable_rule">
]
] <ocaml repr="classic">

type config_error = {
file: fpath;
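Review bot: adding `<ocaml repr="classic">` to `config_error_reason` changes the OCaml type generated for it from a polymorphic variant to a regular variant, which is unrelated to the field removals described in the commit message and means OCaml callers must switch from the backquoted constructor to plain `UnparsableRule`. The JSON name is unchanged, so the wire format is not affected, but the change deserves a line in the commit message or its own commit so that a later bisect on the `scan_request` change does not also pick up this one.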
Expand Down Expand Up @@ -1291,8 +1295,6 @@ type engine_configuration = {
~always_suppress_errors: bool;
}

type glob = string

type product_ignored_files = (product * glob list) list
(* We omit the usual <json repr="object"> otherwise we get a
* "keys must be strings" error *)
Expand All @@ -1319,18 +1321,9 @@ type deployment_response = {

(* Sent by the CLI to the POST /api/cli/scans to create a scan. *)
type scan_request = {
(* added in 1.43 as options, and mandatory since 1.100.0 (replacing meta) *)
project_metadata: project_metadata;
scan_metadata: scan_metadata;

(* added in 1.43 *)
?project_config: ci_config_from_repo option;

(* deprecated: moved as an option in 1.100.0 and was duplicative of
* information in project_metadata and scan_metadata since 1.43.0
* old: 'meta: project_metadata;' before 1.43
*)
?meta: raw_json option;
}

(* Collect information about a project from the environment, filesystem,
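Review bot: in `scan_request`, removing `?meta: raw_json option;` together with its deprecation comment leaves no trace in the schema that older CLIs still send `meta`, which the commit message relies on the backend skipping as an unknown field. A one-line comment on the type recording that `meta` may still appear in requests from older CLIs and is ignored would keep that assumption visible to whoever next tightens JSON parsing on the backend.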
Expand All @@ -1340,9 +1333,6 @@ type scan_request = {
* clearer (while still being backward compatible)
*)
type project_metadata = {
(* TODO: deprecate in favor of scan_metadata.cli_version *)
semgrep_version: version;

(* TODO: use enum with <json name="..."> *)
(* "git" | "github-actions" | "gitlab-ci" | "circleci"
* "jenkins" | "bitbucket" | "azure-pipelines" | "buildkite" | "travis-ci"
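Review bot: `semgrep_version: version;` was a required field (no `?` or `~` prefix, unlike `?project_config`), so once new CLIs stop sending it, a reader generated from the previous schema will fail on the missing field when parsing their `project_metadata`. The commit message covers only the old CLI to new backend direction; state the reverse one too, for example that the backend must be running this schema before a CLI release that includes it ships, or keep the field as optional for one release first.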
Expand Down Expand Up @@ -1657,6 +1647,7 @@ type dependency_parser_error = {

(* json names are to maintain backwards compatibility with the python enum it
* is replacing
* TODO: use <ocaml repr="classic">
*)
type sca_parser_name = [
| Gemfile_lock <json name="gemfile_lock">
Expand Down Expand Up @@ -2015,6 +2006,7 @@ type lockfile_kind
| ConanLock
] <ocaml repr="classic">

(* TODO: use <ocaml repr="classic"> *)
type manifest_kind
<ocaml attr="deriving show, eq">
<python decorator="dataclass(frozen=True)"> =
18 changes: 8 additions & 10 deletions semgrep_output_v1.jsonschema


4 changes: 1 addition & 3 deletions semgrep_output_v1.proto


7 changes: 0 additions & 7 deletions semgrep_output_v1.py


26 changes: 10 additions & 16 deletions semgrep_output_v1.ts
