A Semgrep scan is having a problem - what next?
Troubleshoot common issues with Semgrep scans.
Troubleshoot common issues with Semgrep scans.
Definitions of Semgrep Code product-specific terms.
Learn how to implement rule patterns that include the targeted language's reserved words.
Semgrep's generic pattern matching mode can match comments in code files.
You can approximate this behavior by matching an entire file, but excluding the desired content from the match.
Ellipsis metavariables can help with matching multiple word tokens.
This may be occurring because SEMGREP_APP_TOKEN is set as a group variable.
Learn about Semgrep Code, a static application security testing (SAST) tool | that finds security vulnerabilities in your first-party code.
Learn how to use Semgrep's experimental pattern syntax to search code for a specific code pattern.
This article introduces cross-file (interfile) analysis, guides you through installation, and provides some additional information.
Learn the rule and file performance principles to abide by when scanning repositories to optimize scan times.
Learn how to remove duplicate findings and prevent them from displayed in Semgrep AppSec Platform.
Learn how to run all available rules on your repository.
Learn about Semgrep rules, how to add your custom rules and rules from Semgrep Registry, a community-contributed repository of rules to help enforce security.
Proprietary Semgrep features for the Java language that can increase true positives and reduce false positives.
A guide using to Semgrep Pro Rules: supported languages, vulnerabilities covered, and using Pro rules in Semgrep scans.
The Policies page is a visual representation of the rules that Semgrep Code uses to scan code.
Learn how about Semgrep Code's triage status for findings and how to triage and remediate findings.
Troubleshoot scan failures on monorepos by studying logs, compartmentalizing scans, increasing RAM, and running jobs in parallel.
Troubleshoot "invalid header value" errors in GitHub and Gitlab
The Findings page allows users to view findings identified by Semgrep Code.
This may be occurring because rule coverage has increased.
Semgrep Editor is a powerful tool within Semgrep AppSec Platform to write rules and quickly apply these rules across an organization to enforce coding standards across an organization.