๐๏ธ Semgrep with self-hosted Ubuntu runners in Azure Pipelines
Run Semgrep on self-hosted Ubuntu runners in Azure DevOps.
๐๏ธ Running Semgrep using templates in Azure Pipelines
Running Semgrep commands in Azure Pipelines templates.
๐๏ธ Set up Jenkins Freestyle projects for Bitbucket repositories
Set up Jenkins freestyle projects for Bitbucket repositories.
๐๏ธ Triggering events from Bitbucket to Jenkins
How to trigger events from the Bitbucket server to a Jenkins instance
๐๏ธ Set up Jenkins pipeline projects for Bitbucket repositories
Set up Jenkins pipeline projects for Bitbucket repositories.
๐๏ธ Semgrep in CI vs CLI: align your SAST scan results and understand differences
How to align your scan results between CI and CLI and understand differences in behavior.
๐๏ธ Collecting Semgrep GitHub Actions logs from GitHub
Collect logs from GitHub Actions to troubleshoot Semgrep CI scans.
๐๏ธ GitLab "Job's log exceeded limit" error
Collect verbose logs from GitLab to troubleshoot Semgrep CI scans.
๐๏ธ Failed to run a git command during a pull request or merge request scan
When running Semgrep in CI with a pull request or merge request as the triggering event, Semgrep runs some additional git commands to determine the behavior for the scan. The scan exits with an error if these commands fail. A message like the following shows in the output:
�๐๏ธ Use GitHub repository rulesets to implement Semgrep
Set up GitHub repository rulesets to implement Semgrep scans across many repositories in an organization.
๐๏ธ Set up reusable GitHub workflows for Semgrep scans
Learn how to set up reusable GitHub workflows for Semgrep scans.
๐๏ธ Why aren't findings populating in the GitHub Advanced Security Dashboard after running Semgrep in CI?
To prevent "resource not accessible by integration" error when running job to upload findings to GitHub's Advanced Security Dashboard
๐๏ธ Full and diff-aware scans with GitHub and Jenkins
Set up full and diff-aware scans in Jenkins with Multibranch pipeline projects.
๐๏ธ Jenkins shared library with Semgrep scans
Setting up Jenkins shared library with Semgrep scans
๐๏ธ Receive Semgrep MR comments through a GitLab runner
Set additional environment variables to receive Semgrep MR comments through a GitLab runner.
๐๏ธ Why are there new source code manager (SCM) connections that I didn't manually configure listed in Semgrep AppSec Platform?
Learn why there are new SCMs listed in Semgrep AppSec Platform.
๐๏ธ Does Semgrep scan compressed files or other non-code files?
Options to scan compressed files or other artifacts with Semgrep.
๐๏ธ Scanning a monorepo in parts
How to scan a monorepo in parts for better CI performance and clearer findings organization
๐๏ธ How to trigger diff-aware scans
Learn how to run a diff-aware scan.
๐๏ธ Configure GitHub Actions to use the nonroot Semgrep docker image
How to properly configure your GitHub Actions workflow to use the `nonroot` Semgrep docker image
๐๏ธ Why are duplicate findings appearing after running Semgrep in CI?
To prevent duplicated findings, perform full scans only on the main branch of your repository.