๐๏ธ Change rule severity and other metadata by forking rules
Change rule severity and other metadata by forking rules
๐๏ธ Matching multiple tokens with ellipsis metavariables
Ellipsis metavariables can help with matching multiple word tokens.
๐๏ธ How to exclude certain file types for a particular rule
Certain filetypes can generate numerous false positives and delay your triage process. This document helps you achieve a selective middle ground:
๐๏ธ Match the absence of something in a file
You can approximate this behavior by matching an entire file, but excluding the desired content from the match.
๐๏ธ Match comments with Semgrep
Semgrep's generic pattern matching mode can match comments in code files.
๐๏ธ Fix pattern parse errors when running rules
Learn how to implement rule patterns that include the targeted language's reserved words.
๐๏ธ Performance principles for rules and files to abide by when scanning repositories
Learn the rule and file performance principles to abide by when scanning repositories to optimize scan times.
๐๏ธ Why do new rules keep appearing in Comment or Block mode?
Change the default mode for a ruleset.
๐๏ธ Run all available rules on a repository
Learn how to run all available rules on your repository.
๐๏ธ How does Semgrep assign severity levels to rules?
Understand how rule severity is determined.
๐๏ธ My rule with pattern-not doesn't work: using pattern-not-inside
Learn how to fix issues with `pattern-not` when excluding cases in custom rules.
๐๏ธ Use the Semgrep rule schema to write rules in VS Code
Use the Semgrep rule schema in VS Code to help make rule writing easier.