Releases: pixee/codemodder-python
1.2.0
What's Changed
- Update dependency setuptools to v71 by @renovate in #718
- Update dependency semgrep to >=1.80,<1.81 by @renovate in #720
- Update pre-commit hooks by @github-actions in #721
- Update openai requirement from <1.36,>=1.35 to >=1.35,<1.37 by @dependabot in #727
- Update pre-commit hooks by @github-actions in #725
- Regex Transformer by @clavedeluna in #729
Full Changelog: 1.1.2...1.2.0
1.1.2
What's Changed
- tmpdir should always be type Path by @clavedeluna in #716
- allow testing api to check for min changes by @clavedeluna in #717
Full Changelog: 1.1.1...1.1.2
1.1.1
What's Changed
- do not raise ValueError if no resource by @clavedeluna in #715
- Update pre-commit hooks by @github-actions in #714
Full Changelog: 1.1.0...1.1.1
1.1.0
What's Changed
- semgrep django set secure cookie codemod by @clavedeluna in #709
- Semgrep harden pyyaml by @clavedeluna in #710
- New RSA key size transformer and semgrep codemod by @clavedeluna in #711
- Handle detection of SARIFs that have UTF-8 BOMs by @drdavella in #713
Full Changelog: 1.0.0...1.1.0
1.0.0
What's Changed
This release introduces two backwards-incompatible changes:
- Core "pixee" codemods can no longer be requested by name alone
- Some Sonar codemods no longer encode the Sonar rule ID in the codemod name
The codemod API has been mature for quite some time, and it seemed as good a time as any to officially bump to v1.0.0 🎉
New
- first semgrep sarif codemod for jinja autoescape by @clavedeluna in #687
- Deprecate requesting codemods by name by @clavedeluna in #699
- Semgrep jwt decode verify by @clavedeluna in #696
- Semgrep defused xml codemod by @clavedeluna in #705
- remove -ID from sonar codemod n by @clavedeluna in #704
- Semgrep subprocess shell False codemod by @clavedeluna in #706
Full Changelog: 0.106.4...1.0.0
0.106.4
What's Changed
- Update diff line number change calculation by @clavedeluna in #670
Full Changelog: 0.106.3...0.106.4
0.106.3
What's Changed
- Update security requirement from ~=1.2.0 to >=1.2,<1.4 by @dependabot in #663
- Update injected security dependency and remanage updates by @clavedeluna in #666
- Make provider resources more general by @drdavella in #667
Full Changelog: 0.106.2...0.106.3
0.106.2
What's Changed
- All tests will validate codemod registration by @clavedeluna in #656
Full Changelog: 0.106.1...0.106.2
0.106.1
What's Changed
- Fix handling of LLM model environment variables by @drdavella in #657
Full Changelog: 0.106.0...0.106.1
0.106.0
What's Changed
New
- Check file paths passed on as tool findings by @clavedeluna in #637
- Support parsing/writing pyproject.toml with poetry by @clavedeluna in #646
- Removed unused handles in file-resource-leak by @andrecsilva in #648
- Add type stub dependencies by @clavedeluna in #651
Full Changelog: 0.105.0...0.106.0