Extensions

Several third-party tools include Semgrep extensions.

Official IDE extensions

Name	Marketplace link	Documentation
Microsoft Visual Studio Code	`semgrep-vscode`	Semgrep VS Code extension
IntelliJ Ultimate Idea and many other IntelliJ products	`semgrep-intellij`	Semgrep IntelliJ extension
Emacs	`lsp-mode`	See repository README

Use of Language Server Protocol (LSP)

All of the official IDE extensions use the Language Server Protocol to communicate with Semgrep. This allows the team to focus on one codebase that can be shared across most modern editor platforms.

`pre-commit`

Prevent secrets or security issues from entering your Git source control history by running Semgrep as a pre-commit hook. See pre-commit documentation for details.

Semgrep as an engine

Many other tools have capabilities powered by Semgrep. Add yours with a pull request!

DefectDojo
Dracon
GitLab SAST
GuardDog
litbsast
mobsfscan
nodejsscan
ScanMyCode CE (Community Edition)
SecObserve

Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.

Official IDE extensions​

Use of Language Server Protocol (LSP)​

pre-commit​

Semgrep as an engine​

Official IDE extensions

Use of Language Server Protocol (LSP)

`pre-commit`

Semgrep as an engine