Skip to main content

focus-metavariable

The experimental focus-metavariable operator puts the focus, or zooms in, on the code region matched by a metavariable. For example, to find all functions arguments annotated with the type bad write the following pattern:

pattern: |
def $FUNC(..., $ARG : bad, ...):
...

This works but it matches the entire function definition. Sometimes, this is not desirable, for example, if you are using Semgrep App and you have triaged a finding generated by this pattern, the same finding may show up again as new if you make any change to the definition of the function!

To specify that you are only interested in the code matched by a particular metavariable, in our example $ARG, use focus-metavariable.

Note that focus-metavariable: $ARG is not the same as pattern: $ARG! Using pattern: $ARG finds all the uses of the parameter x which is not what we want! (Note that pattern: $ARG does not match the formal parameter declaration, because in this context $ARG only matches expressions.)

In short, focus-metavariable: $X is not a pattern in itself, it does not perform any matching, it only focuses the matching on the code already bound to $X by other patterns. Whereas pattern: $X matches $X against your code (and in this context, $X only matches expressions)!