Extensions
Several third-party tools include Semgrep extensions.
Official IDE extensions
- Microsoft Visual Studio Code: semgrep-vscode
- IntelliJ Ultimate Idea and many other IntelliJ products: semgrep-intellij
- Emacs: lsp-mode
Use of Language Server Protocol (LSP)
All of the official extensions use the Language Server Protocol to communicate with Semgrep. This allows the team to focus on one codebase that can be shared across most modern editor platforms.
Pre-commit
The pre-commit framework can run semgrep at commit-time. Install pre-commit and add the following to .pre-commit-config.yaml:
repos:
- repo: https://github.com/semgrep/pre-commit
  rev: 'v1.103.0'
  hooks:
    - id: semgrep
      # See https://semgrep.dev/explore to select a ruleset and copy its URL
      args: ['--config', '<SEMGREP_RULESET_URL>', '--error', '--skip-unknown-extensions']
The pre-commit hook can also run custom rules and rulesets from Semgrep Code, similar to running semgrep ci, using the following configuration:
repos:
- repo: https://github.com/semgrep/pre-commit
  rev: 'v1.103.0'
  hooks:
    - id: semgrep-ci
For guidance on customizing Semgrep's behavior in pre-commit, see Customize Semgrep in pre-commit.
Run with Semgrep Pro rules
If you would like to run the pre-commit hook locally while using Semgrep Pro rules:
- Log in to your Semgrep account. Running this command launches a browser window, but you can also use the link that's returned in the CLI to proceed:
  semgrep login
- In the Semgrep CLI login, click Activate to proceed.
Version management
- asdf: ASDF Semgrep
Semgrep as an engine
Many other tools have capabilities powered by Semgrep. Add yours with a pull request!
- DefectDojo
- Dracon
- GitLab SAST
- GuardDog
- libsast
- mobsfscan
- nodejsscan
- ScanMyCode CE (Community Edition)
- SecObserve