Update dependency semgrep to v1.151.0 #116

Open
renovate[bot] wants to merge 1 commit into main from renovate/semgrep-1.x

Conversation

@renovate renovate bot commented Feb 7, 2026

This PR contains the following updates:

Package             | Change                 | Age         | Confidence
semgrep (changelog) | ==1.149.0 -> ==1.151.0 | (age badge) | (confidence badge)

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

semgrep/semgrep (semgrep)

v1.151.0

Compare Source

Added
  • Added progress indicators for symbol analysis calculation and upload during CI scans (sc-3103)
Fixed
  • bumped glom to at least version 23.3, which includes a fix to a SyntaxWarning warning log. (gh-11460)
  • Semgrep no longer prints info log lines from semgrep-core RPC calls when --trace is passed and --debug isn't (loglines)
  • Fixed the README not appearing in built wheels. (wheelreadme)

v1.150.0

Compare Source

Added
  • Connecting to the Semgrep MCP server via streamableHttp now requires OAuth. (saf-2453)
Changed
  • Migrated from pipenv to uv for ./cli package management (uv)
Fixed
  • pro: Improved virtual method resolution in Scala (code-9213)
  • Improved performance for supply chain scans by reducing pre-computation when printing the scan status. This results in slightly less information being displayed in the case that there are no rules to run. (gh-5436)
  • Supply Chain Analysis: fixed version range matching for NPM packages with versions containing a prerelease identifier such as -alpha in 1.2.3-alpha. (sc-3001)

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


greptile-apps bot commented Feb 7, 2026

Greptile Overview

Greptile Summary

  • Bumps semgrep in the Python dev dependency group from 1.149.0 to 1.150.0 (non-Windows only).
  • Regenerates uv.lock accordingly, adding new transitive deps (e.g., semantic-version, pyjwt[crypto]) and updating hashes/URLs.
  • Change is isolated to Python tooling (uv/pyproject) and doesn’t touch the Node packages directly.

Confidence Score: 4/5

  • This PR is likely safe to merge after addressing a minor formatting inconsistency in pyproject.toml.
  • The change is a straightforward semgrep patch bump with a regenerated uv lockfile; the only concrete issue found is inconsistent dependency marker spacing that can cause formatting/CI diffs if enforced.
  • pyproject.toml

Important Files Changed

Filename       | Overview
pyproject.toml | Bumped semgrep dev dependency to 1.150.0, but introduced inconsistent PEP 508 marker spacing (==1.150.0; vs ==... ;) which can break style/format checks if enforced.
uv.lock        | Regenerated lockfile for semgrep 1.150.0; adds new transitive deps (semantic-version, pyjwt[crypto]) and updates exclude-newer timestamp. No functional issues spotted in the lock structure.

@greptile-apps greptile-apps bot left a comment

2 files reviewed, 1 comment

pyproject.toml Outdated
"pyrefly==0.50.1",
"ruff==0.14.14",
"semgrep==1.149.0 ; sys_platform != 'win32'",
"semgrep==1.150.0; sys_platform != 'win32'",
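Review bot: this snippet is marked Outdated and still pins `semgrep==1.150.0`, while the PR title was changed to v1.151.0 after the Feb 11 force-push; before merging, confirm that the current head (206b21c) pins `semgrep==1.151.0` and that the regenerated uv.lock's new transitive dependencies (semantic-version, pyjwt[crypto], per the summary above) and updated hashes are the expected ones. The spacing point also stands: the neighbouring pins write ` ; ` before the environment marker and the new line writes `;`; both parse identically under PEP 508, so restoring the space, as in `"semgrep==1.150.0 ; sys_platform != 'win32'",`, keeps the file consistent with any formatter or snapshot check without changing resolution.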

Inconsistent marker spacing

This line changes the formatting from the surrounding dependencies by removing the space before the environment marker (==1.150.0; vs ==... ;). If this repo enforces formatting (e.g., via a TOML formatter or snapshot tests), this will cause CI diffs/failures. Consider matching the existing style.

Suggested change
"semgrep==1.150.0; sys_platform != 'win32'",
"semgrep==1.150.0 ; sys_platform != 'win32'",

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!


@renovate renovate bot force-pushed the renovate/semgrep-1.x branch from 5b21253 to fb7babf Compare February 11, 2026 20:35
@renovate renovate bot changed the title Update dependency semgrep to v1.150.0 Update dependency semgrep to v1.151.0 Feb 11, 2026
@renovate renovate bot force-pushed the renovate/semgrep-1.x branch from fb7babf to 206b21c Compare February 12, 2026 16:36