Carl Flottmann
## Summary

This PR adds support for building [Semgrep](https://github.com/semgrep/semgrep) from source and including it as a Macaron dependency.

## Description of changes

This PR introduces a new manually-triggered GitHub...
### Summary

This pull request builds upon the work completed in #851, refactoring and refining the source code analysis of PyPI packages by identifying suspicious patterns and dataflows. This PR...
The use of the `SKIP` result for heuristics is not clear. It is used in some places when errors occur, and in some places where the heuristic does not...
Referencing the TODO item in #983:

> Currently, the SourceCodeRepo heuristic still has a dependency on the EmptyProjectLinks heuristic. This is done currently to make the merging process easier, and...
## Summary

The goal is to improve the efficiency of the `SimilarProjectsAnalyzer`, which currently downloads the source code tarball for every package of every maintainer it finds. The solution to this...
## Summary

The purpose of this PR is to address #1052, and implement appropriate skip and error handling in all existing heuristics. This PR removes the `depends_on` field from heuristics...
### Description

The package page returned by `PyPIRegistry.get_package_page` is now returning JavaScript errors again. Previously appending a `/` to the URL worked, but this no longer appears to be the...