From fe8f2fbf94c14abe2d8e192d8887daffacd4313d Mon Sep 17 00:00:00 2001
From: Anders Kaseorg
Date: Fri, 17 Sep 2021 15:13:21 -0700
Subject: [PATCH] lint: Remove deprecated semgrep flag.

The semgrep --dangerously-allow-arbitrary-code-execution-from-rules flag is deprecated and no longer used.

Signed-off-by: Anders Kaseorg
---
 tools/lint | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/tools/lint b/tools/lint
index c90e6d22d4..ffa85b2935 100755
--- a/tools/lint
+++ b/tools/lint
@@ -187,15 +187,6 @@ def run() -> None:
 "--error",
 "--disable-version-check",
 "--quiet",
- # This option is dangerous in the context of running
- # semgrep-as-a-service on untrusted user code, since it
- # causes Python code in the rules configuration to be
- # executed. From our standpoint, it is required for
- # `pattern-where-python` rules, and there's no real
- # security impact, since if you can put arbitrary code
- # into zulip.git, you can run arbitrary code in a Zulip
- # development environment anyway.
- "--dangerously-allow-arbitrary-code-execution-from-rules",
 ]
 linter_config.external_linter(
 "semgrep-py",