diff --git a/semgrep_output_v1.atd b/semgrep_output_v1.atd index e395526b..e7b2470c 100644 --- a/semgrep_output_v1.atd +++ b/semgrep_output_v1.atd @@ -1472,6 +1472,9 @@ type engine_configuration = { ~generic_slow_rollout: bool; (* from 1.63.0 *) ?historical_config: historical_configuration option; + (* from 1.93 *) + (* sent by the app to indicate that fail open should always be enabled, overriding the CLI flag. coupling: server/semgrep_app/saas/models/deployment_products_mixin.py *) + ~always_suppress_errors: bool; } (* ----------------------------- *) diff --git a/semgrep_output_v1.jsonschema b/semgrep_output_v1.jsonschema index c1647710..8c6f01c1 100644 --- a/semgrep_output_v1.jsonschema +++ b/semgrep_output_v1.jsonschema @@ -1191,7 +1191,8 @@ "generic_slow_rollout": { "type": "boolean" }, "historical_config": { "$ref": "#/definitions/historical_configuration" - } + }, + "always_suppress_errors": { "type": "boolean" } } }, "finding": { diff --git a/semgrep_output_v1.proto b/semgrep_output_v1.proto index 64b870b9..a971b37b 100644 --- a/semgrep_output_v1.proto +++ b/semgrep_output_v1.proto @@ -1,6 +1,6 @@ // Generated by jsonschema2protobuf. DO NOT EDIT! // Source file: semgrep_output_v1.jsonschema -// Source file sha256 digest: 186f2f8aa40bd01a89141e935a2a039b09ebcee089cc379fd421b87ef5b1b201 +// Source file sha256 digest: 3128533ce4295e9cf749fad9537838337aaeb44a78a3384f95e7f43238ca0562 syntax = "proto3"; @@ -470,6 +470,7 @@ message EngineConfiguration { repeated google.protobuf.Any product_ignored_files = 298217262; bool generic_slow_rollout = 78139686; HistoricalConfiguration historical_config = 66628402; + bool always_suppress_errors = 432871568; } message Finding { diff --git a/semgrep_output_v1.py b/semgrep_output_v1.py index 397e2700..f9778363 100644 --- a/semgrep_output_v1.py +++ b/semgrep_output_v1.py @@ -3196,6 +3196,7 @@ class EngineConfiguration: product_ignored_files: Optional[ProductIgnoredFiles] = None generic_slow_rollout: bool = field(default_factory=lambda: False) historical_config: Optional[HistoricalConfiguration] = None + always_suppress_errors: bool = field(default_factory=lambda: False) @classmethod def from_json(cls, x: Any) -> 'EngineConfiguration': @@ -3208,6 +3209,7 @@ def from_json(cls, x: Any) -> 'EngineConfiguration': product_ignored_files=ProductIgnoredFiles.from_json(x['product_ignored_files']) if 'product_ignored_files' in x else None, generic_slow_rollout=_atd_read_bool(x['generic_slow_rollout']) if 'generic_slow_rollout' in x else False, historical_config=HistoricalConfiguration.from_json(x['historical_config']) if 'historical_config' in x else None, + always_suppress_errors=_atd_read_bool(x['always_suppress_errors']) if 'always_suppress_errors' in x else False, ) else: _atd_bad_json('EngineConfiguration', x) @@ -3223,6 +3225,7 @@ def to_json(self) -> Any: res['generic_slow_rollout'] = _atd_write_bool(self.generic_slow_rollout) if self.historical_config is not None: res['historical_config'] = (lambda x: x.to_json())(self.historical_config) + res['always_suppress_errors'] = _atd_write_bool(self.always_suppress_errors) return res @classmethod diff --git a/semgrep_output_v1.ts b/semgrep_output_v1.ts index 5d6ac55f..606cd073 100644 --- a/semgrep_output_v1.ts +++ b/semgrep_output_v1.ts @@ -669,6 +669,7 @@ export type EngineConfiguration = { product_ignored_files?: ProductIgnoredFiles; generic_slow_rollout: boolean; historical_config?: HistoricalConfiguration; + always_suppress_errors: boolean; } export type Finding = { @@ -2940,6 +2941,7 @@ export function writeEngineConfiguration(x: EngineConfiguration, context: any = 'product_ignored_files': _atd_write_optional_field(writeProductIgnoredFiles, x.product_ignored_files, x), 'generic_slow_rollout': _atd_write_field_with_default(_atd_write_bool, false, x.generic_slow_rollout, x), 'historical_config': _atd_write_optional_field(writeHistoricalConfiguration, x.historical_config, x), + 'always_suppress_errors': _atd_write_field_with_default(_atd_write_bool, false, x.always_suppress_errors, x), }; } @@ -2952,6 +2954,7 @@ export function readEngineConfiguration(x: any, context: any = x): EngineConfigu product_ignored_files: _atd_read_optional_field(readProductIgnoredFiles, x['product_ignored_files'], x), generic_slow_rollout: _atd_read_field_with_default(_atd_read_bool, false, x['generic_slow_rollout'], x), historical_config: _atd_read_optional_field(readHistoricalConfiguration, x['historical_config'], x), + always_suppress_errors: _atd_read_field_with_default(_atd_read_bool, false, x['always_suppress_errors'], x), }; } diff --git a/semgrep_output_v1_j.ml b/semgrep_output_v1_j.ml index 4980cbf8..85b3d2f3 100644 --- a/semgrep_output_v1_j.ml +++ b/semgrep_output_v1_j.ml @@ -287,7 +287,8 @@ type engine_configuration = Semgrep_output_v1_t.engine_configuration = { ignored_files: string list; product_ignored_files: product_ignored_files option; generic_slow_rollout: bool; - historical_config: historical_configuration option + historical_config: historical_configuration option; + always_suppress_errors: bool } type scan_response = Semgrep_output_v1_t.scan_response = { @@ -10432,6 +10433,15 @@ let write_engine_configuration : _ -> engine_configuration -> _ = ( ) ob x; ); + if !is_first then + is_first := false + else + Buffer.add_char ob ','; + Buffer.add_string ob "\"always_suppress_errors\":"; + ( + Yojson.Safe.write_bool + ) + ob x.always_suppress_errors; Buffer.add_char ob '}'; ) let string_of_engine_configuration ?(len = 1024) x = @@ -10449,6 +10459,7 @@ let read_engine_configuration = ( let field_product_ignored_files = ref (None) in let field_generic_slow_rollout = ref (false) in let field_historical_config = ref (None) in + let field_always_suppress_errors = ref (false) in try Yojson.Safe.read_space p lb; Yojson.Safe.read_object_end lb; @@ -10514,6 +10525,14 @@ let read_engine_configuration = ( -1 ) ) + | 22 -> ( + if String.unsafe_get s pos = 'a' && String.unsafe_get s (pos+1) = 'l' && String.unsafe_get s (pos+2) = 'w' && String.unsafe_get s (pos+3) = 'a' && String.unsafe_get s (pos+4) = 'y' && String.unsafe_get s (pos+5) = 's' && String.unsafe_get s (pos+6) = '_' && String.unsafe_get s (pos+7) = 's' && String.unsafe_get s (pos+8) = 'u' && String.unsafe_get s (pos+9) = 'p' && String.unsafe_get s (pos+10) = 'p' && String.unsafe_get s (pos+11) = 'r' && String.unsafe_get s (pos+12) = 'e' && String.unsafe_get s (pos+13) = 's' && String.unsafe_get s (pos+14) = 's' && String.unsafe_get s (pos+15) = '_' && String.unsafe_get s (pos+16) = 'e' && String.unsafe_get s (pos+17) = 'r' && String.unsafe_get s (pos+18) = 'r' && String.unsafe_get s (pos+19) = 'o' && String.unsafe_get s (pos+20) = 'r' && String.unsafe_get s (pos+21) = 's' then ( + 7 + ) + else ( + -1 + ) + ) | _ -> ( -1 ) @@ -10582,6 +10601,14 @@ let read_engine_configuration = ( ) ); ) + | 7 -> + if not (Yojson.Safe.read_null_if_possible p lb) then ( + field_always_suppress_errors := ( + ( + Atdgen_runtime.Oj_run.read_bool + ) p lb + ); + ) | _ -> ( Yojson.Safe.skip_json p lb ) @@ -10651,6 +10678,14 @@ let read_engine_configuration = ( -1 ) ) + | 22 -> ( + if String.unsafe_get s pos = 'a' && String.unsafe_get s (pos+1) = 'l' && String.unsafe_get s (pos+2) = 'w' && String.unsafe_get s (pos+3) = 'a' && String.unsafe_get s (pos+4) = 'y' && String.unsafe_get s (pos+5) = 's' && String.unsafe_get s (pos+6) = '_' && String.unsafe_get s (pos+7) = 's' && String.unsafe_get s (pos+8) = 'u' && String.unsafe_get s (pos+9) = 'p' && String.unsafe_get s (pos+10) = 'p' && String.unsafe_get s (pos+11) = 'r' && String.unsafe_get s (pos+12) = 'e' && String.unsafe_get s (pos+13) = 's' && String.unsafe_get s (pos+14) = 's' && String.unsafe_get s (pos+15) = '_' && String.unsafe_get s (pos+16) = 'e' && String.unsafe_get s (pos+17) = 'r' && String.unsafe_get s (pos+18) = 'r' && String.unsafe_get s (pos+19) = 'o' && String.unsafe_get s (pos+20) = 'r' && String.unsafe_get s (pos+21) = 's' then ( + 7 + ) + else ( + -1 + ) + ) | _ -> ( -1 ) @@ -10719,6 +10754,14 @@ let read_engine_configuration = ( ) ); ) + | 7 -> + if not (Yojson.Safe.read_null_if_possible p lb) then ( + field_always_suppress_errors := ( + ( + Atdgen_runtime.Oj_run.read_bool + ) p lb + ); + ) | _ -> ( Yojson.Safe.skip_json p lb ) @@ -10735,6 +10778,7 @@ let read_engine_configuration = ( product_ignored_files = !field_product_ignored_files; generic_slow_rollout = !field_generic_slow_rollout; historical_config = !field_historical_config; + always_suppress_errors = !field_always_suppress_errors; } : engine_configuration) ) diff --git a/semgrep_output_v1_j.mli b/semgrep_output_v1_j.mli index e7102ccd..1bf81594 100644 --- a/semgrep_output_v1_j.mli +++ b/semgrep_output_v1_j.mli @@ -287,7 +287,8 @@ type engine_configuration = Semgrep_output_v1_t.engine_configuration = { ignored_files: string list; product_ignored_files: product_ignored_files option; generic_slow_rollout: bool; - historical_config: historical_configuration option + historical_config: historical_configuration option; + always_suppress_errors: bool } type scan_response = Semgrep_output_v1_t.scan_response = {