You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Semgrep](https://semgrep.dev/) is a static analysis tool designed to scan code for security vulnerabilities and code quality issues..
8
+
9
+
## Files
10
+
11
+
Semgrep will run on the following files and extensions:
12
+
13
+
-`Apex`
14
+
-`Bash`
15
+
-`.c`
16
+
-`.cpp`
17
+
-`.cs`
18
+
-`.clj`
19
+
-`.dart`
20
+
-`Dockerfile`
21
+
-`.ex`
22
+
-`.html`
23
+
-`.go`
24
+
-`.java`
25
+
-`.js`
26
+
-`.jsx`
27
+
-`.json`
28
+
-`.jl`
29
+
-`.jsonnet`
30
+
-`.kt`
31
+
-`.kts`
32
+
-`Lisp`
33
+
-`.lua`
34
+
-`.ml`
35
+
-`.php`
36
+
-`.py`
37
+
-`.r`
38
+
-`.rb`
39
+
-`.rs`
40
+
-`.scala`
41
+
-`Scheme`
42
+
-`.sol`
43
+
-`.swift`
44
+
-`.tf`
45
+
-`.ts`
46
+
-`.tsx`
47
+
-`.yaml`
48
+
-`.xml`
49
+
-`ERB`
50
+
-`Jinja`
51
+
52
+
## Configuration
53
+
54
+
Semgrep uses a YAML style configuration file.
55
+
56
+
Semgrep supports the following config files:
57
+
58
+
- User-defined config file set at `reviews.tools.semgrep.config_file` in your project's `.coderabbit.yaml` file or setting the "Review → Tools → Semgrep → Config File" field in CodeRabbit's settings page.
0 commit comments