Original Post: Keep your rules simple with symbolic propagation
tl;dr: Symbolic propagation is a new experimental feature in Semgrep that generalizes constant propagation, enabling pattern matching even with intermediate variable assignments. For example, the pattern return 42 will match return C where C = 42. Similarly, the pattern $OBJ.foo().bar() can now match code with intermediate assignments like:

    def test(obj):
        x = obj.foo()
        x.bar()

This eliminates the need for complex patterns that account for various code shapes involving intermediate assignments. To use this feature, set symbolic_propagation: true in the rule options. This feature simplifies writing powerful and succinct Semgrep rules, and although still experimental, it aims to become a default capability soon.
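An added example, not taken from the original post: a minimal rule file showing where the option sits relative to the pattern discussed above. The rule id, message and severity are made up for illustration.

```yaml
# Added example; id, message and severity are illustrative values.
rules:
  - id: foo-then-bar
    languages: [python]
    severity: INFO
    message: bar() is called on the result of foo()
    # One simple pattern; no extra variants for intermediate assignments.
    pattern: $OBJ.foo().bar()
    options:
      # Experimental: follow intermediate assignments when matching.
      symbolic_propagation: true

# Target code from the post that the pattern matches once the option is set:
#
#   def test(obj):
#       x = obj.foo()
#       x.bar()
```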