Update semgrep to current latest, by default (#20102)

This refreshes the new semgrep backend (added in #18593, in 2.19) to use the current latest published version (`1.46.0`, instead of `1.37.0`). The newer version of Semgrep is slightly stricter about the formatting of the global settings file, so this inserts a dummy `anonymous_user_id` value.
pantsbuild · Oct 31, 2023 · 13f853e · 13f853e
1 parent e43dcfe
commit 13f853e
Show file tree

Hide file tree

Showing 2 changed files with 368 additions and 220 deletions.
diff --git a/src/python/pants/backend/tools/semgrep/rules.py b/src/python/pants/backend/tools/semgrep/rules.py
@@ -154,10 +154,11 @@ async def partition(
 
 
 # We have a hard-coded settings file to side-step
-# https://github.com/returntocorp/semgrep/issues/7102, and also provide more cacheability.
+# https://github.com/returntocorp/semgrep/issues/7102, and also provide more cacheability, NB. both
+# keys are required.
 _DEFAULT_SETTINGS = FileContent(
     path="__semgrep_settings.yaml",
-    content=b"has_shown_metrics_notification: true",
+    content=b"anonymous_user_id: 00000000-0000-0000-0000-000000000000\nhas_shown_metrics_notification: true",
 )