Release Version 1.109.0 (semgrep/semgrep-proprietary#3164)

semgrep-ci[bot] · yosefAlsuhaibani · commit 78255d093ce3 · 2025-02-19T12:55:33.000-05:00
# Release Checklist

- [x] Tests/CI passes on this Pull Request
- [x] At least one approval on this PR

Don't forget to merge this PR to move on to the next step of the
release!

Co-authored-by: yosefAlsuhaibani &lt;yosefAlsuhaibani@users.noreply.github.com&gt;

synced from Pro 7a2aca5efc5ae0606a3f9957df89d25ef6325f44
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,26 @@
 
 <!-- insertion point -->
 
+## [1.109.0](https://github.com/semgrep/semgrep/releases/tag/v1.109.0) - 2025-02-19
+
+
+### Changed
+
+
+- Pyproject.toml files are now parsed using a toml parser (tomli). (sc-2054)
+
+
+### Fixed
+
+
+- pro: taint-mode: Fixed limitation in custom taint propagators.
+  See https://semgrep.dev/playground/s/ReJQO (code-7967)
+- taint-mode: Disable symbolic-propagation when matching taint propagators
+  to prevent unintended interactions. See https://semgrep.dev/playground/s/7KE0k. (code-8054)
+- Fixed pattern match deduplication to avoid an O(n^2) worst-case complexity, and
+  optimized the matching of ordered `..., PAT, ...` patterns. (saf-682)
+
+
 ## [1.108.0](https://github.com/semgrep/semgrep/releases/tag/v1.108.0) - 2025-02-12
 
 
diff --git a/changelog.d/code-7967.fixed b/changelog.d/code-7967.fixed
diff --git a/changelog.d/code-8054.fixed b/changelog.d/code-8054.fixed
diff --git a/changelog.d/saf-682.fixed b/changelog.d/saf-682.fixed
diff --git a/changelog.d/sc-2054.changed b/changelog.d/sc-2054.changed
diff --git a/cli/setup.py b/cli/setup.py
@@ -138,7 +138,7 @@ def find_executable(env_name, exec_name):
 
 setuptools.setup(
     name="semgrep",
-    version="1.108.0",
+    version="1.109.0",
     author="Semgrep Inc.",
     author_email="support@semgrep.com",
     description="Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.",
diff --git a/cli/src/semgrep/__init__.py b/cli/src/semgrep/__init__.py
@@ -1 +1 @@
-__VERSION__ = "1.108.0"
+__VERSION__ = "1.109.0"
diff --git a/dune-project b/dune-project
@@ -21,7 +21,7 @@
 (generate_opam_files)
 
 ;; set here so the semgrep package below can use it and we can easily bump it
-(version 1.108.0)
+(version 1.109.0)
 
 ;; Default attributes of opam packages
 (source (github semgrep/semgrep))
diff --git a/release_changes.md b/release_changes.md
@@ -1,27 +1,18 @@
-## [1.108.0](https://github.com/semgrep/semgrep/releases/tag/v1.108.0) - 2025-02-12
-
-
-### Added
-
-
-- pro: Semgrep can now dynamically resolve dependencies for Python projects using pip, allowing it to determine transitive dependencies automatically. (sc-2069)
+## [1.109.0](https://github.com/semgrep/semgrep/releases/tag/v1.109.0) - 2025-02-19
 
 
 ### Changed
 
 
-- Bump base Alpine docker image from 3.19 to 3.21. (alpine-version)
-- The semgrep-appsec-platform specific metadata fields "semgrep.dev:" and
-  "semgrep.policy:" are now filtered from the JSON output unless you
-  are logged in with the Semgrep appsec platform.
-  See https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#json for more information. (metadata-filter)
-- The Semgrep Docker image now uses Python 3.12 (bumped from 3.11). (python-version)
+- Pyproject.toml files are now parsed using a toml parser (tomli). (sc-2054)
 
 
 ### Fixed
 
 
-- This PR changes the way we handle failures in `git worktree remove` more gracefully.
-  Instead of erroring, we continue to scan so that the user can still get results, but
-  log the error. It also adds a guard so that this failure is less likely to happen
-  and will include more debugging information when it does. (sms-521)
+- pro: taint-mode: Fixed limitation in custom taint propagators.
+  See https://semgrep.dev/playground/s/ReJQO (code-7967)
+- taint-mode: Disable symbolic-propagation when matching taint propagators
+  to prevent unintended interactions. See https://semgrep.dev/playground/s/7KE0k. (code-8054)
+- Fixed pattern match deduplication to avoid an O(n^2) worst-case complexity, and
+  optimized the matching of ordered `..., PAT, ...` patterns. (saf-682)
diff --git a/semgrep.opam b/semgrep.opam
@@ -1,6 +1,6 @@
 # This file is generated by dune, edit dune-project instead
 opam-version: "2.0"
-version: "1.108.0"
+version: "1.109.0"
 synopsis:
   "Like grep but for code: fast and syntax-aware semantic code pattern for many languages"
 description: """
diff --git a/setup.py b/setup.py
@@ -5,7 +5,7 @@
 
 setup(
     name="semgrep_pre_commit_package",
-    version="1.108.0",
-    install_requires=["semgrep==1.108.0"],
+    version="1.109.0",
+    install_requires=["semgrep==1.109.0"],
     packages=[],
 )
diff --git a/src/core/Version.ml b/src/core/Version.ml
@@ -3,4 +3,4 @@
 
   Automatically modified by scripts/release/bump.
 *)
-let version = "1.108.0"
+let version = "1.109.0"

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__VERSION__ = "1.108.0"`
	`1`	`+__VERSION__ = "1.109.0"`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`
`6`	`6`	`setup(`
`7`	`7`	`name="semgrep_pre_commit_package",`
`8`		`- version="1.108.0",`
`9`		`- install_requires=["semgrep==1.108.0"],`
	`8`	`+ version="1.109.0",`
	`9`	`+ install_requires=["semgrep==1.109.0"],`
`10`	`10`	`packages=[],`
`11`	`11`	`)`