- Semgrep AppSec Platform
- Team & Enterprise Tier
Tagging projects
Add tags for specific projects in the Semgrep AppSec Platform through the following methods:
- Set tags through the Semgrep AppSec Platform > Project page.
- Set tags using the Semgrep AppSec Platform API (for Team and Enterprise Tier users).
- Set tags in your repository's
.semgrepconfig.ymlfile.
Setting tags
- Keep in mind, when setting tags via the
.semgrepconfig.ymlfile or Semgrep AppSec Platform API, that these actions supersede any tags previously set. - For example, if you set tags through the API and subsequently run a CI scan, then the previous tags set by the API will be overwritten by any tag definitions in the
.semgrepconfig.ymlfile of the repository. - For this reason, we recommend exclusively choosing either the API or
.semgrepconfig.ymlfile to manage and set tags. Do not use a mix of the two.
Set tags through Semgrep AppSec Platform and Semgrep AppSec Platform API
To manage tags through Semgrep AppSec Platform, follow these steps:
- Go to the Semgrep AppSec Platform Projects page.
- Click on the project's gear icon to enter project configuration page, and then add or remove tags.
Refer to Semgrep API documentation to use the API.
Set tags in .semgrepconfig.yml
You can also add tags through a specific file added to your repository. To do so, follow the instructions below:
- Create
.semgrepconfig.ymlfile in the root directory of your repository. - Add tags to the
.semgrepconfig.ymlfile. Example of tags added to.semgrepconfig.ymlfile:tags:
- favourite
- awesomeproject
caution
Changes to tags made through the .semgrepconfig.yml file are also visible in the Semgrep AppSec Platform > Projects page, however, the inverse is not true (changes in Semgrep AppSec Platform > Projects page will be overwritten by .semgrepconfig.yml.)
Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.