Semgrep
Semgrep is a static analysis tool designed to scan code for security vulnerabilities and code quality issues..
Files
Semgrep will run on the following files and extensions:
Apex
Bash
.c
.cpp
.cs
.clj
.dart
Dockerfile
.ex
.html
.go
.java
.js
.jsx
.json
.jl
.jsonnet
.kt
.kts
Lisp
.lua
.ml
.php
.py
.r
.rb
.rs
.scala
Scheme
.sol
.swift
.tf
.ts
.tsx
.yaml
.xml
ERB
Jinja
Configuration
Semgrep uses a YAML style configuration file.
Semgrep supports the following config files:
- User-defined config file set at
reviews.tools.semgrep.config_file
in your project's.coderabbit.yaml
file or setting the "Review → Tools → Semgrep → Config File" field in CodeRabbit's settings page.