  • Semgrep Cloud Platform
  • Community Tier
  • Team & Enterprise Tier
  • Semgrep Code

Rule board

The Rule Board is a visual representation of the rules that Semgrep Code uses for scanning. Rules can be organized in rulesets. A ruleset is a group of rules related through a programming language, OWASP category, or framework.

Rules and rulesets are displayed as cards in Semgrep Cloud Platform. Group cards by dragging and dropping cards into the columns. Columns represent the actions undertaken in response to findings from that rule or ruleset.

The columns and their corresponding actions are:

Monitor
Rules that display findings only in Semgrep Cloud Platform.
Comment
Rules that display findings to developers through PRs or MRs.
Block
Rules that block merges and commits, in addition to showing findings in Semgrep Cloud Platform and PRs or MRs.

Screenshot of the default state of the rule board

Semgrep Code is pre-configured to use the default ruleset. The default ruleset scans for security vulnerabilities in common programming languages and frameworks.

Semgrep Code detects the framework and language when scanning a project and only runs rules relevant for that framework and language.

Adding rules or rulesets

  1. Click Add rules. A drawer appears.
  2. Search for rules by entering a relevant search term, such as your programming language, OWASP category, or framework in the search bar.
  3. Optional: Display the rules within a ruleset by clicking on the Expand icon beside the name of the ruleset.
  4. Optional: Display the rule definition by clicking on the View in Playground icon beside the name of the rule.
  5. Drag the card and drop it on the relevant column.
  6. Once you are done adding rules and rulesets, click Save changes.

From Semgrep Registry

  1. Click a rule or ruleset in Semgrep Registry.
  2. Click Add these to Rule Board or Add to Rule Board.
  3. Select which column to place the rule or ruleset in.
  4. The new card appears on your Rule Board.

From Semgrep Playground

  1. Enter a name and save your rule.
  2. Click Add to Rule Board.
  3. Select which column to place the rule or ruleset in.
  4. The new card appears on your Rule Board.

From the in-app Editor

  1. From the Library pane, click the rule to add to the Rule Board. The rule appears on the code pane.
  2. Click Add to Rule Board.
  3. Select which column to place the rule or ruleset in.
  4. The new card appears on your Rule Board.

Disabling rules

To disable an individual rule, follow these steps:

  1. In Semgrep Cloud Platform, click Rule board.
  2. Click the ruleset that contains a rule you want to disable.
  3. Click the toggle next to the rule.

Screenshot of a disabled rule in a ruleset

info
  • You can only disable individual rules that are part of rulesets in your rule board.
  • You can also reverse the described procedure to enable disabled rules in rulesets.

Removing rules or rulesets

To remove a rule from the Rule board:

  1. In Semgrep Cloud Platform, click Rule board.
  2. Click the ruleset that contains the rule.
  3. Click the Remove ruleset icon next to the rule you're deleting.
  4. Click Save.
info
  • Individual rules within rulesets can only be disabled, not deleted. To disable an individual rule in Rule board, click the toggle to disable the rule. See also Disabling rules.
  • When you remove a rule from the Rule Board, all associated findings on the Findings page and Dashboard page are also removed.

You can also remove a rule on the Findings page. To do so, follow these steps:

  1. Go to the Semgrep Cloud Platform Findings page.
  2. Next to a finding with status Open, click Ignore.
  3. Optional: Select a reason for ignoring the finding. Choose one of: False positive, Acceptable risk, or No time to fix.
  4. Click Save.
  5. Optional: Select whether you want to ignore all findings in Just this file, This directory, or Parent directory.
  6. Enable the checkbox to: Remove this rule from Rule board. This removes the related rule that matched the finding.

Configuring notifications

Notifications enable you to keep track of Semgrep scans within your preferred environment, such as email or Slack. They are configured for each column.

  1. Click the gear icon of the column to add a notification.
  2. Click the Manage Integrations link.

For more information, follow the guidelines for your specific notification channel in the Notifications documentation.
