Skip to content

Latest commit

 

History

History
73 lines (61 loc) · 1.38 KB

semgrep.md

File metadata and controls

73 lines (61 loc) · 1.38 KB
title sidebar_label description
Semgrep
Semgrep
CodeRabbit's guide to Semgrep.

Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues.

Configuration

Semgrep uses a YAML style configuration file.

Semgrep supports the following config files:

  • User-defined config file set at reviews.tools.semgrep.config_file in your project's .coderabbit.yaml file or setting the "Review → Tools → Semgrep → Config File" field in CodeRabbit's settings page.

Due to licensing it doesn't ship with the community-created Semgrep rules, but you're free to use these in your own project.

NOTE: CodeRabbit will only run Semgrep if your repository contains a Semgrep config file. In addition you must also define the path to this file in .coderabbit.yaml or config UI.

Links

Files

Semgrep will run on the following files and extensions:

  • Apex
  • Bash
  • .c
  • .cpp
  • .cs
  • .clj
  • .dart
  • Dockerfile
  • .ex
  • .html
  • .go
  • .java
  • .js
  • .jsx
  • .json
  • .jl
  • .jsonnet
  • .kt
  • .kts
  • Lisp
  • .lua
  • .ml
  • .php
  • .py
  • .r
  • .rb
  • .rs
  • .scala
  • Scheme
  • .sol
  • .swift
  • .tf
  • .ts
  • .tsx
  • .yaml
  • .xml
  • ERB
  • Jinja