Bump semgrep from 1.18.0 to 1.32.0 in /server

[dependabot]

Bumps semgrep from 1.18.0 to 1.32.0.

Release notes

Sourced from semgrep's releases.

Release v1.32.0

1.32.0 - 2023-07-13

Added

• feat(docker): Create a semgrep user for our docker container so that people can run it as a non-root user (gh-8116)

• feat(typed metavar): Typed metavariable support for Rust

  Users can create TypedMetavar using Rust's type annotation syntax :. For example, the following rule works for matching HttpResponseBuilder type of variables:

  rules:
  - id: no-direct-response-write
    patterns:
    - pattern: '($BUILDER : HttpResponseBuilder).body(...)'
    - pattern-not: '($BUILDER : HttpResponseBuilder).body("...".to_string())'
    message: find dangerous codes
    severity: WARNING
    languages: [rust]
  ``` ([gh-8200](https://github.com/returntocorp/semgrep/issues/8200))
  

Fixed

• baseline scans reporting on existing findings (baseline-supply-chain)
• Fixed an issue leading to incorrect autofix results involving JS/TS async arrow functions (e.g. async () => {}, etc.). (gh-7353)
• Workaround for rootless containers as git operations may fail due to dubious ownership of /src (gh-8267)

Release v1.31.2

1.31.2 - 2023-07-07

No significant changes.

Release v1.31.1

1.31.1 - 2023-07-07

No significant changes.

Release v1.31.0

1.31.0 - 2023-07-07

Added

... (truncated)

Changelog

Sourced from semgrep's changelog.

1.32.0 - 2023-07-13

Added

• feat(docker): Create a semgrep user for our docker container so that people can run it as a non-root user (gh-8116)

• feat(typed metavar): Typed metavariable support for Rust

  Users can create TypedMetavar using Rust's type annotation syntax :. For example, the following rule works for matching HttpResponseBuilder type of variables:

  rules:
  - id: no-direct-response-write
    patterns:
    - pattern: '($BUILDER : HttpResponseBuilder).body(...)'
    - pattern-not: '($BUILDER : HttpResponseBuilder).body("...".to_string())'
    message: find dangerous codes
    severity: WARNING
    languages: [rust]
  ``` ([gh-8200](https://github.com/returntocorp/semgrep/issues/8200))
  

Fixed

• baseline scans reporting on existing findings (baseline-supply-chain)
• Fixed an issue leading to incorrect autofix results involving JS/TS async arrow functions (e.g. async () => {}, etc.). (gh-7353)
• Workaround for rootless containers as git operations may fail due to dubious ownership of /src (gh-8267)

1.31.2 - 2023-07-07

No significant changes.

1.31.1 - 2023-07-07

No significant changes.

1.31.0 - 2023-07-07

Added

• Make CLI hit the new endpoint for the reliable fixed status on the Semgrep app. (cod-16)

• feat(rule syntax): Metavariable Type Extension for Semgrep Rule Syntax 2.0

  This PR introduces the changes made in Semgrep rule syntax 1.0 to version 2.0 as well.

  rule syntax 2.0

  rules:

... (truncated)

Commits

• e701fe5 chore: Bump version to 1.32.0
• 19ff6ab fix(supply-chain): baseline scans reporting on existing findings (#8258)
• efa0f46 tainting: Fix Taint.pick_taint (#8251)
• 0cc2a1f fix(docker): Workaround for rootless containers as git operations may fail du...
• 0321c09 fix: [ci] nightly brew tests failing (#8252)
• d0cc10f Create a semgrep user for our docker container so that people can run… (#8199)
• e71a462 tainting: Simplify preconditions when instantiating functions (#8240)
• 2884fc9 feat: [ci] add cirrus M1 builds in background (#8245)
• c2a55bc chore(osemgrep): send all rules and targets together to Run_semgrep (#8197)
• 521eba0 fix(js): Include location of async keyword in arrow func range (#8198)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

This change is