From 1746c0ca89b46866db4d9ea12f719ce285a513d9 Mon Sep 17 00:00:00 2001 From: Branch Vincent Date: Sun, 7 Jul 2024 14:12:29 -0700 Subject: [PATCH 1/2] semgrep 1.82.0 Brew in linux doesn't seem compatible with opam. I believe opam uses the system's default package manager to check dependencies. So in this case, brew on linux installs dependencies, but opam thinks that they're not installed and gives an error. Worked around this by only checking dependencies on macos. Not ideal for linux, but if it's missing a dependency, the build should fail, and if the build doesn't fail, then brew test should fail. Co-authored-by: Amarin Phaosawasdi --- Formula/s/semgrep.rb | 138 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 114 insertions(+), 24 deletions(-) diff --git a/Formula/s/semgrep.rb b/Formula/s/semgrep.rb index 094337ccdd84f..b655e596de9ed 100644 --- a/Formula/s/semgrep.rb +++ b/Formula/s/semgrep.rb @@ -4,8 +4,8 @@ class Semgrep < Formula desc "Easily detect and prevent bugs and anti-patterns in your codebase" homepage "https://semgrep.dev" url "https://github.com/semgrep/semgrep.git", - tag: "v1.78.0", - revision: "3b7bfaad2d847d9b965f1432d4b76784bc88409b" + tag: "v1.82.0", + revision: "992e4820e315854d89d16cc064c0ac753c858ca3" license "LGPL-2.1-only" head "https://github.com/semgrep/semgrep.git", branch: "develop" @@ -38,7 +38,7 @@ class Semgrep < Formula depends_on "libev" depends_on "pcre" depends_on "pcre2" - depends_on "python@3.11" # Python 3.12 blocked by imp usage in glom < 23.4.0 + depends_on "python@3.12" depends_on "sqlite" depends_on "tree-sitter" @@ -87,9 +87,14 @@ class Semgrep < Formula sha256 "1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69" end + resource "deprecated" do + url "https://files.pythonhosted.org/packages/92/14/1e41f504a246fc224d2ac264c227975427a85caf37c3979979edb9b1b232/Deprecated-1.2.14.tar.gz" + sha256 "e5323eb936458dccc2582dc6f9c322c852a775a27065ff2b0c4970b9d53d01b3" + end + resource "exceptiongroup" do - url "https://files.pythonhosted.org/packages/a0/65/d66b7fbaef021b3c954b3bbb196d21d8a4b97918ea524f82cfae474215af/exceptiongroup-1.2.1.tar.gz" - sha256 "a4785e48b045528f5bfe627b6ad554ff32def154f42372786903b7abcfe1aa16" + url "https://files.pythonhosted.org/packages/09/35/2495c4ac46b980e4ca1f6ad6db102322ef3ad2410b79fdde159a4b0f3b92/exceptiongroup-1.2.2.tar.gz" + sha256 "47c2edf7c6738fafb49fd34290706d1a1a2f4d1c6df275526b62cbb4aa5393cc" end resource "face" do @@ -102,14 +107,24 @@ class Semgrep < Formula sha256 "1510c6587a8f9c64a246641b70033cbc5ebde99f02ad245693678038e821aeb5" end + resource "googleapis-common-protos" do + url "https://files.pythonhosted.org/packages/0b/1a/41723ae380fa9c561cbe7b61c4eef9091d5fe95486465ccfc84845877331/googleapis-common-protos-1.63.2.tar.gz" + sha256 "27c5abdffc4911f28101e635de1533fb4cfd2c37fbaa9174587c799fac90aa87" + end + resource "idna" do url "https://files.pythonhosted.org/packages/21/ed/f86a79a07470cb07819390452f178b3bef1d375f2ec021ecfc709fc7cf07/idna-3.7.tar.gz" sha256 "028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc" end + resource "importlib-metadata" do + url "https://files.pythonhosted.org/packages/a0/fc/c4e6078d21fc4fa56300a241b87eae76766aa380a23fc450fc85bb7bf547/importlib_metadata-7.1.0.tar.gz" + sha256 "b78938b926ee8d5f020fc4772d487045805a55ddbad2ecf21c6d60938dc7fcd2" + end + resource "jsonschema" do - url "https://files.pythonhosted.org/packages/19/f1/1c1dc0f6b3bf9e76f7526562d29c320fa7d6a2f35b37a1392cc0acd58263/jsonschema-4.22.0.tar.gz" - sha256 "5b22d434a45935119af990552c862e5d6d564e8f6601206b305a61fdf661a2b7" + url "https://files.pythonhosted.org/packages/38/2e/03362ee4034a4c917f697890ccd4aec0800ccf9ded7f511971c75451deec/jsonschema-4.23.0.tar.gz" + sha256 "d71497fef26351a33265337fa77ffeb82423f3ea21283cd9467bb03999266bc4" end resource "jsonschema-specifications" do @@ -127,14 +142,64 @@ class Semgrep < Formula sha256 "bb413d29f5eea38f31dd4754dd7377d4465116fb207585f97bf925588687c1ba" end + resource "opentelemetry-api" do + url "https://files.pythonhosted.org/packages/df/0d/10357006dc10fc65f7c7b46c18232e466e355f9e606ac461cfc7193b4cbe/opentelemetry_api-1.25.0.tar.gz" + sha256 "77c4985f62f2614e42ce77ee4c9da5fa5f0bc1e1821085e9a47533a9323ae869" + end + + resource "opentelemetry-exporter-otlp-proto-common" do + url "https://files.pythonhosted.org/packages/37/a7/85ffaaacd712e4634fa1c56cbf79a02cf90b8a178fe1eee2cabfb0b7f44d/opentelemetry_exporter_otlp_proto_common-1.25.0.tar.gz" + sha256 "c93f4e30da4eee02bacd1e004eb82ce4da143a2f8e15b987a9f603e0a85407d3" + end + + resource "opentelemetry-exporter-otlp-proto-http" do + url "https://files.pythonhosted.org/packages/72/d9/1c3c518853c27d323a46813d3e99d601959ca2c6963d5217fe2110f0d579/opentelemetry_exporter_otlp_proto_http-1.25.0.tar.gz" + sha256 "9f8723859e37c75183ea7afa73a3542f01d0fd274a5b97487ea24cb683d7d684" + end + + resource "opentelemetry-instrumentation" do + url "https://files.pythonhosted.org/packages/0f/20/0a5d980843e048e9516443a91c63a559b40e5d50a730e73e72a5bde727fd/opentelemetry_instrumentation-0.46b0.tar.gz" + sha256 "974e0888fb2a1e01c38fbacc9483d024bb1132aad92d6d24e2e5543887a7adda" + end + + resource "opentelemetry-instrumentation-requests" do + url "https://files.pythonhosted.org/packages/f6/28/5b5e9fb74639e47f026a3fd6550bba965ca18b316a8178907540e711855c/opentelemetry_instrumentation_requests-0.46b0.tar.gz" + sha256 "ef0ad63bfd0d52631daaf7d687e763dbd89b465f5cb052f12a4e67e5e3d181e4" + end + + resource "opentelemetry-proto" do + url "https://files.pythonhosted.org/packages/c9/3c/28c9ce40eb8ab287471af81659089ca98ef4f7ce289669e23b19c29f24a8/opentelemetry_proto-1.25.0.tar.gz" + sha256 "35b6ef9dc4a9f7853ecc5006738ad40443701e52c26099e197895cbda8b815a3" + end + + resource "opentelemetry-sdk" do + url "https://files.pythonhosted.org/packages/05/3c/77076b77f1d73141adc119f62370ec9456ef314ba0b4e7072e3775c36ef7/opentelemetry_sdk-1.25.0.tar.gz" + sha256 "ce7fc319c57707ef5bf8b74fb9f8ebdb8bfafbe11898410e0d2a761d08a98ec7" + end + + resource "opentelemetry-semantic-conventions" do + url "https://files.pythonhosted.org/packages/4e/ea/a4a5277247b3d2ed2e23a58b0d509c2eafa4ebb56038ba5b23c0f9ea6242/opentelemetry_semantic_conventions-0.46b0.tar.gz" + sha256 "fbc982ecbb6a6e90869b15c1673be90bd18c8a56ff1cffc0864e38e2edffaefa" + end + + resource "opentelemetry-util-http" do + url "https://files.pythonhosted.org/packages/f0/91/45bf243850463b2c83000ca129442255eaef7c446bd0f59a2ab54b15abff/opentelemetry_util_http-0.46b0.tar.gz" + sha256 "03b6e222642f9c7eae58d9132343e045b50aca9761fcb53709bd2b663571fdf6" + end + resource "packaging" do url "https://files.pythonhosted.org/packages/51/65/50db4dda066951078f0a96cf12f4b9ada6e4b811516bf0262c0f4f7064d4/packaging-24.1.tar.gz" sha256 "026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002" end resource "peewee" do - url "https://files.pythonhosted.org/packages/1e/d4/22c2909b5a0b36e69471e699d673c2985f7691ca29870798a29e0a3d0e2b/peewee-3.17.5.tar.gz" - sha256 "e1b6a64192207fd3ddb4e1188054820f42aef0aadfa749e3981af3c119a76420" + url "https://files.pythonhosted.org/packages/bd/be/e9c886b4601a19f4c34a1b75c5fe8b98a2115dd964251a76b24c977c369d/peewee-3.17.6.tar.gz" + sha256 "cea5592c6f4da1592b7cff8eaf655be6648a1f5857469e30037bf920c03fb8fb" + end + + resource "protobuf" do + url "https://files.pythonhosted.org/packages/e8/ab/cb61a4b87b2e7e6c312dce33602bd5884797fd054e0e53205f1c27cf0f66/protobuf-4.25.4.tar.gz" + sha256 "0dc4a62cc4052a036ee2204d26fe4d835c62827c855c8a03f29fe6da146b380d" end resource "pygments" do @@ -158,8 +223,8 @@ class Semgrep < Formula end resource "rpds-py" do - url "https://files.pythonhosted.org/packages/2d/aa/e7c404bdee1db7be09860dff423d022ffdce9269ec8e6532cce09ee7beea/rpds_py-0.18.1.tar.gz" - sha256 "dc48b479d540770c811fbd1eb9ba2bb66951863e448efec2e2c102625328e92f" + url "https://files.pythonhosted.org/packages/2f/fe/5217efe981c2ae8647b503ba3b8f55efc837df62f63667572b4bb75b30bc/rpds_py-0.19.1.tar.gz" + sha256 "31dd5794837f00b46f4096aa8ccaa5972f73a938982e32ed817bb520c465e520" end resource "ruamel-yaml" do @@ -172,6 +237,11 @@ class Semgrep < Formula sha256 "beb2e0404003de9a4cab9753a8805a8fe9320ee6673136ed7f04255fe60bb512" end + resource "setuptools" do + url "https://files.pythonhosted.org/packages/5e/11/487b18cc768e2ae25a919f230417983c8d5afa1b6ee0abd8b6db0b89fa1d/setuptools-72.1.0.tar.gz" + sha256 "8d243eff56d095e5817f796ede6ae32941278f542e0f941867cc05ae52b162ec" + end + resource "tomli" do url "https://files.pythonhosted.org/packages/c0/3f/d7af728f075fb08564c5949a9c95e44352e23dee646869fa104a3b2060a3/tomli-2.0.1.tar.gz" sha256 "de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f" @@ -192,6 +262,16 @@ class Semgrep < Formula sha256 "a70222b86dea82fb382dd87b73278c10756c138bd6f8f714e2183128887b9eb2" end + resource "wrapt" do + url "https://files.pythonhosted.org/packages/95/4c/063a912e20bcef7124e0df97282a8af3ff3e4b603ce84c481d6d7346be0a/wrapt-1.16.0.tar.gz" + sha256 "5f370f952971e7d17c7d1ead40e49f32345a7f7a5373571ef44d800d06b1899d" + end + + resource "zipp" do + url "https://files.pythonhosted.org/packages/d3/20/b48f58857d98dcb78f9e30ed2cfe533025e2e9827bbd36ea0a64cc00cbc1/zipp-3.19.2.tar.gz" + sha256 "bf1dcf6450f873a13e952a29504887c89e6de7506209e5b1bcc3460135d4de19" + end + def install # Work around ruamel.yaml.clib not building on Xcode 15.3, remove after a new release # has resolved: https://sourceforge.net/p/ruamel-yaml-clib/tickets/32/ @@ -200,7 +280,14 @@ def install ENV.deparallelize Dir.mktmpdir("opamroot") do |opamroot| ENV["OPAMROOT"] = opamroot - ENV["OPAMYES"] = "1" + # `--no-depexts` prevents opam from attempting to automatically search for + # and install system dependencies using the os-native package manager. + # On Linux, this leads to confusing and inaccurate `Missing dependency` + # errors due to querying `apt`. See: + # https://github.com/Homebrew/homebrew-core/pull/82693 + # https://github.com/Homebrew/homebrew-core/pull/176636 + # https://github.com/ocaml/opam/pull/4548 + ENV["OPAMNODEPEXTS"] = ENV["OPAMYES"] = "1" # Set library path so opam + lwt can find libev ENV["LIBRARY_PATH"] = "#{HOMEBREW_PREFIX}/lib" # Set path to libev for our static linking logic @@ -211,20 +298,13 @@ def install # Manually run steps from `opam exec -- make setup` to link Homebrew's tree-sitter system "opam", "update", "-y" - - # We pass --no-depexts so as to disable the check for pkg-config. - # It seems to not be found when building on ubuntu - # See discussion on https://github.com/Homebrew/homebrew-core/pull/82693 - system "opam", "install", "-y", "--deps-only", "--no-depexts", "./libs/ocaml-tree-sitter-core" - system "opam", "install", "-y", "--deps-only", "--no-depexts", "./" - - # Run configure script in ocaml-tree-sitter-core + system "opam", "install", "-y", "--deps-only", "./libs/ocaml-tree-sitter-core" + system "opam", "install", "-y", "--deps-only", "./" cd "./libs/ocaml-tree-sitter-core" do system "./configure" end # Install semgrep-core and spacegrep - system "opam", "install", "--deps-only", "-y", "." system "opam", "exec", "--", "make", "core" system "opam", "exec", "--", "make", "copy-core-for-cli" @@ -232,15 +312,25 @@ def install end ENV["SEMGREP_SKIP_BIN"] = "1" - venv = virtualenv_create(libexec, "python3.11") - venv.pip_install resources + venv = virtualenv_create(libexec, "python3.12") + venv.pip_install resources.reject { |r| r.name == "glom" } + + # Replace `imp` usage: https://github.com/mahmoud/glom/commit/1f883f0db898d6b15fcc0f293225dcccc16b2a57 + # TODO: remove with glom>=23.4.0 + resource("glom").stage do |r| + inreplace "setup.py", "import imp", "" + inreplace "setup.py", "_version_mod = imp.load_source('_version', _version_mod_path)", "" + inreplace "setup.py", "_version_mod.__version__", "'#{r.version}'" + venv.pip_install Pathname.pwd + end + venv.pip_install_and_link buildpath/"cli" generate_completions_from_executable(bin/"semgrep", shells: [:fish, :zsh], shell_parameter_format: :click) end test do - system "#{bin}/semgrep", "--help" + system bin/"semgrep", "--help" (testpath/"script.py").write <<~EOS def silly_eq(a, b): return a + b == a + b From 21693ddc98092dff2a4f72df4a604e934b4c75a8 Mon Sep 17 00:00:00 2001 From: BrewTestBot <1589480+BrewTestBot@users.noreply.github.com> Date: Thu, 1 Aug 2024 14:41:50 +0000 Subject: [PATCH 2/2] semgrep: update 1.82.0 bottle. --- Formula/s/semgrep.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Formula/s/semgrep.rb b/Formula/s/semgrep.rb index b655e596de9ed..1e06aba1bfe84 100644 --- a/Formula/s/semgrep.rb +++ b/Formula/s/semgrep.rb @@ -15,13 +15,13 @@ class Semgrep < Formula end bottle do - sha256 cellar: :any, arm64_sonoma: "6d6623f871175d622243324eb4eca73a9c3e3f59aca029e5d4db5ce845d71216" - sha256 cellar: :any, arm64_ventura: "1b00207deb8222823183de4b19d732d7c254e4203e585b930b193696743b493a" - sha256 cellar: :any, arm64_monterey: "3faa872a95b2954306231f0a10888912603e30679b3ea2909c122d1d477fb272" - sha256 cellar: :any, sonoma: "6d9520bc2dcabbe897fb671af7e6345215521d1ca1fd1e1de23a032875700825" - sha256 cellar: :any, ventura: "6ca124d84617d7c1d9301b2f5b92f95c95038484f9b17b37f4aebf4c175ae6c3" - sha256 cellar: :any, monterey: "96beec22c987963338d3c220f83bb62b9989387e7b7653d6a20a184402e88028" - sha256 cellar: :any_skip_relocation, x86_64_linux: "4a4b10e800c6ee9ac2234578696781a801a887c2dea4c1d6a543a747f3b55b6e" + sha256 cellar: :any, arm64_sonoma: "7b20e9c290e8e58b6af19bd1c1d569d047b926b5d51b3ea8b34d7efa3050e799" + sha256 cellar: :any, arm64_ventura: "4059a42336f3d9045c9422cf418cfea10104d5bf0fa9eaf06e6bb0a36b7d3d01" + sha256 cellar: :any, arm64_monterey: "09e75076f4a3ad8969454e2b5a54ab54692162bbfe7ef31c4a34d67052f80973" + sha256 cellar: :any, sonoma: "b5674e8d2395999ef97752027d6289ffe471c20b5617373250bab77e9cbb554f" + sha256 cellar: :any, ventura: "1be8f44716b7f9c266cf5ef83b26d9f877318056054834c267628a7e432a7a86" + sha256 cellar: :any, monterey: "aa2acd9cc010cfdc217085139fbc8bf1e37931ca75aafec99ef6a710b87400f3" + sha256 cellar: :any_skip_relocation, x86_64_linux: "665536715fcf92eb6b6d793dcf347da1c286d5d645ec11d1591a7ebaf8047b30" end depends_on "autoconf" => :build