add dump-intrafile-graph and dump-taint-signatures #552

Merged

corneliuhoffman merged 2 commits intomainfrom

Jan 22, 2026

Contributor

corneliuhoffman commented Jan 21, 2026

To use

bin/opengrep show dump-intrafile-graph tests/rules/cross_function_tainting/interprocedural.py

respectively

bin/opengrep show dump-taint-signatures tests/rules/cross_function_tainting/interprocedural.yaml tests/rules/cross_function_tainting/interprocedural.py

corneliuhoffman requested review from dimitris-m, maciejpirog and willem-delbare as code owners

January 21, 2026 15:22

corneliuhoffman removed the request for review from willem-delbare

January 21, 2026 16:00

dimitris-m reviewed

View reviewed changes

src/osemgrep/cli_show/Show_subcommand.ml Outdated Show resolved Hide resolved

Corneliu Hoffman and others added 2 commits

January 22, 2026 12:30


          add dump-intrafile-graph, dump-taint-signatures

49a8e79


          make dump-taint-signatures work with >= 1 rules

0f11c1f

dimitris-m force-pushed the dump_stuff branch from d0f3073 to 0f11c1f Compare

January 22, 2026 12:31

dimitris-m approved these changes

View reviewed changes

Collaborator

dimitris-m left a comment

LGTM -- applied some improvements

maciejpirog approved these changes

View reviewed changes

corneliuhoffman merged commit 591072d into main

6 checks passed

corneliuhoffman deleted the dump_stuff branch

January 22, 2026 12:55

maciejpirog mentioned this pull request

Release v1.16.0 #568

Merged

tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request


          build(deps): update opengrep/opengrep to v1.16.0

58a1789

This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [opengrep/opengrep](https://github.com/opengrep/opengrep) | minor | `v1.15.1` → `v1.16.0` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>opengrep/opengrep (opengrep/opengrep)</summary>

### [`v1.16.0`](https://github.com/opengrep/opengrep/releases/tag/v1.16.0): Opengrep 1.16.0

[Compare Source](opengrep/opengrep@v1.15.1...v1.16.0)

#### Improvements

- Dart: Add typed metavariabless by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;551](opengrep/opengrep#551)
- Dart: Use case of identifier to guess call vs new by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;555](opengrep/opengrep#555)
- Go: Enable goroutines in taint tracking by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;559](opengrep/opengrep#559)
- Add taint propagation via "for" comprehensions by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;564](opengrep/opengrep#564)

#### Bug Fixes

- Rust: Missing Rust type alias translation by [@&#8203;smith-xyz](https://github.com/smith-xyz) in [#&#8203;549](opengrep/opengrep#549)
- Fix: Ensure that linux binaries have 8mb stack size (musl) by [@&#8203;dimitris-m](https://github.com/dimitris-m) in [#&#8203;563](opengrep/opengrep#563)
- Fixed a perf regression by removing system calls and improving the reachability graph and the callee lookup by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;556](opengrep/opengrep#556)
- Fixed intrafile bug introduced by a superfluous fallback by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;567](opengrep/opengrep#567)
- Ruby: Always translate `or` and `and` to expression by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;562](opengrep/opengrep#562)
- Bash: Allow redirects before command arguments by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;548](opengrep/opengrep#548)

#### Internal Improvements

- Add `show dump-intrafile-graph` and `show dump-taint-signatures` commands by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;552](opengrep/opengrep#552)
- Improve tainting code by [@&#8203;maciejpirog](https://github.com/maciejpirog) in [#&#8203;546](opengrep/opengrep#546)
- Graph refactoring by [@&#8203;corneliuhoffman](https://github.com/corneliuhoffman) in [#&#8203;553](opengrep/opengrep#553)

#### New Contributors

- [@&#8203;smith-xyz](https://github.com/smith-xyz) made their first contribution in [#&#8203;549](opengrep/opengrep#549)

**Full Changelog**: <opengrep/opengrep@v1.15.1...v1.16.0>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Ni4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTYuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90IiwiYXV0b21hdGlvbjpib3QtYXV0aG9yZWQiLCJkZXBlbmRlbmN5LXR5cGU6Om1pbm9yIl19-->

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet