📄️ How to exclude a Semgrep Supply Chain rule from a scan
Exclude a Semgrep Supply Chain rule from a scan.
📄️ How to scan multiple or nested manifest files or lockfiles
Semgrep Supply Chain uses manifest files or lockfiles as part of its reachability analysis to determine the exact version of a dependency that a codebase is using. Semgrep parses manifest files or lockfiles, such as:
📄️ Generate lockfiles for Semgrep Supply Chain in a Circle CI pipeline
How to generate lockfiles for Semgrep Supply Chain in a Circle CI pipeline.
📄️ Generating Python manifest files for Semgrep Supply Chain scans
Generate various Python lockfiles to run Semgrep Supply Chain scans successfully.
📄️ Why aren't Supply Chain findings showing?
Troubleshoot why findings for Semgrep Supply Chain are not showing.