From f364414cb9f1626ba7069cb6477a9a86b19b2004 Mon Sep 17 00:00:00 2001
From: Anders Kaseorg <anders@zulip.com>
Date: Thu, 9 Jul 2020 16:59:11 -0700
Subject: [PATCH] install-semgrep: Upgrade semgrep to 0.14.0.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
---
 tools/lint                  | 5 ++++-
 tools/semgrep.yml           | 1 -
 tools/setup/install-semgrep | 4 ++--
 version.py                  | 2 +-
 4 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/tools/lint b/tools/lint
index 461032a90f..f80fb754c1 100755
--- a/tools/lint
+++ b/tools/lint
@@ -1,6 +1,7 @@
 #!/usr/bin/env python3
 import argparse
 import os
+import re
 import sys
 
 # check for the venv
@@ -106,7 +107,9 @@ def run() -> None:
     linter_config.external_linter('semgrep-py', [*semgrep_command, "--lang=python"], ['py'],
                                   fix_arg='--autofix',
                                   description="Syntactic Grep (semgrep) Code Search Tool "
-                                  "(config: ./tools/semgrep.yml)")
+                                  "(config: ./tools/semgrep.yml)",
+                                  # https://github.com/returntocorp/semgrep/issues/1228
+                                  suppress_line=lambda line: bool(re.match(r"running \d+ rules\.\.\.$", line)))
 
     linter_config.external_linter('thirdparty', ['tools/check-thirdparty'],
                                   description="Check docs/THIRDPARTY copyright file syntax")
diff --git a/tools/semgrep.yml b/tools/semgrep.yml
index b6f7c984b8..3384e4873c 100644
--- a/tools/semgrep.yml
+++ b/tools/semgrep.yml
@@ -116,7 +116,6 @@ rules:
     languages: [python]
     pattern-either:
       - pattern: '"..." % ...'
-      - pattern: '("...") % ...'
       - pattern: django.utils.translation.ugettext(...) % ...
     severity: ERROR
     message: "Prefer f-strings or .format for string formatting"
diff --git a/tools/setup/install-semgrep b/tools/setup/install-semgrep
index 739558cfc0..55e0ca10b6 100755
--- a/tools/setup/install-semgrep
+++ b/tools/setup/install-semgrep
@@ -1,9 +1,9 @@
 #!/usr/bin/env bash
 set -e
 
-version=0.10.1
+version=0.14.0
 tarball=semgrep-v$version-ubuntu-16.04.tgz
-sha256=7d07d223e88d52a2e8886e748726e1c8488d8d81ced34b80b128c362d9b57a0a
+sha256=8b9437af0540ed9664904f9603d9d6ad011dad46433cba74e524c7753c7732c9
 tarball_url=https://github.com/returntocorp/semgrep/releases/download/v$version/$tarball
 
 check_version () {
diff --git a/version.py b/version.py
index 43a3845bfa..bc735ba09a 100644
--- a/version.py
+++ b/version.py
@@ -44,4 +44,4 @@ API_FEATURE_LEVEL = 24
 #   historical commits sharing the same major version, in which case a
 #   minor version bump suffices.
 
-PROVISION_VERSION = '89.2'
+PROVISION_VERSION = '89.3'