Announcing C# alpha support

Semgrep v0.52.0 includes alpha C# support

Semgrep v0.52.0 has promoted C# support from develop to alpha!

This means that we expect to parse most C# code (our estimated parse rate is 97%) and that we support matching metavaribles ($X and such) and ellipsis (...) against expressions and statements.[^1] This already allows one to write some useful rules. In fact, we just got our first set of C# rules contributed by Ahmet Akan!

We’re looking for early testers like Ahmet that can help us identify bugs and contribute rules. If that sounds interesting, try writing some C# rules in the Playground. A few examples to help you start are here, here, here, here, and here. There is also a tutorial and excellent documentation to learn more about writing Semgrep rules.

If you get serious about it, then please install or upgrade Semgrep! If you find it useful, you may want to add Semgrep to your CI pipeline, too!

We must thank Sjoerd Langkemper for his outstanding work that made this milestone possible. As an external contributor, Sjoerd jumped into adding C# support to Semgrep back in August 2020, contributed more than 50 commits, and left C# support very close to alpha. Our plan is to promote C# to beta during the next few months.

[^1]: To learn more about language support tiers like alpha, beta, and GA, visit our supported languages docs.

About

Semgrep Logo

Semgrep lets security teams partner with developers and shift left organically, without introducing friction. Semgrep gives security teams confidence that they are only surfacing true, actionable issues to developers, and makes it easy for developers to fix these issues in their existing environments.

Find and fix the issues that matter before build time

Semgrep helps organizations shift left without the developer productivity tax.

Get started in minutesBook a demo