chore: add symbol analysis to scan config (#343)

As title. - [X] I ran `make setup && make` to update the generated code after editing a `.atd` file (TODO: have a CI check) - [X] I made sure we're still backward compatible with old versions of the CLI. For example, the Semgrep backend need to still be able to *consume* data generated by Semgrep 1.50.0. See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades Note that the types related to the semgrep-core JSON output or the semgrep-core RPC do not need to be backward compatible!
semgrep · Feb 6, 2025 · 3c94e14 · 3c94e14
1 parent 2ec9015
commit 3c94e14
Show file tree

Hide file tree

Showing 7 changed files with 286 additions and 58 deletions.
diff --git a/semgrep_output_v1.atd b/semgrep_output_v1.atd
@@ -592,7 +592,7 @@ type sca_match_kind = [
    * 1st-party code (e.g., via callgraph analysis)
    *)
   | TransitiveUnreachable of transitive_unreachable
-  (* could not decide because of the engine limitations (e.g., 
+  (* could not decide because of the engine limitations (e.g.,
    * found the use of a vulnerable library in the lockfile but
    * could not find the pattern in first party code and could not
    * access third-party code for further investigation
@@ -1226,6 +1226,10 @@ type features = {
    (* normally we resolve dependencies for changed subprojects only in diff scans. This flag
     * causes all subprojects to be resolved in diff scans *)
    ~scan_all_deps_in_diff_scan: bool;
+   (* Whether to collect "symbol analysis" information from the repo being scanned
+      See https://www.notion.so/semgrep/Semgrep-Code-Reconnaissance-Toolbox-18a3009241a880f2a439eed6b2cffe66?pvs=4
+    *)
+   ~symbol_analysis: bool;
 }
 
 type triage_ignored = {

diff --git a/semgrep_output_v1.jsonschema b/semgrep_output_v1.jsonschema
diff --git a/semgrep_output_v1.proto b/semgrep_output_v1.proto
diff --git a/semgrep_output_v1.py b/semgrep_output_v1.py
diff --git a/semgrep_output_v1.ts b/semgrep_output_v1.ts