Add Semgrep to CI/CD
Set up your CI pipeline with Semgrep AppSec Platform for centralized rule and findings management.
Set up your CI pipeline with Semgrep AppSec Platform for centralized rule and findings management.
Set up your CI pipeline manually with Semgrep AppSec Platform for centralized rule and findings management.
Learn how Semgrep Assistant can provide recommendations for triage and remediation of Semgrep findings.
Learn how to receive Slack or email alerts about findings and failures and how to integrate using webhooks.
Learn how to analyze findings with Assistant and view its results.
Set up Semgrep Supply Chain to correctly detect packages in Maven.
Enable PR comments in your Azure DevOps repositories to display Semgrep findings to developers.
A guide to common tasks after setting up core Semgrep features.
Enable PR comments in your Bitbucket Cloud repositories to display Semgrep findings to developers.
Enable PR comments in your Bitbucket Data Center repositories to display Semgrep findings to developers.
Configure Semgrep in CI by setting various environment variables. Enable diff-aware scanning, connect to Semgrep AppSec Platform, and more.
Reference for the Semgrep command-line interface including options and exit code behavior.
Configure how Semgrep in CI pipelines handles errors and blocks findings.
Connect a source code manager for use with Semgrep.
Learn how to set up a comprehensive Semgrep deployment for yourself or your organization.
Create a Semgrep account and organization to prepare your deployment for the addition of repositories and team members.
Customize your CI job to fit your organization's workflows.
Learn how to enable and configure Assistant's features.
Enable pull request (PR) comments in your GitHub repositories to display Semgrep findings to developers.
Enable merge request (MR) comments in your GitLab repositories to display Semgrep findings to developers.
Learn how to paginate responses from the Semgrep API.
Refer to this section to set up Semgrep Supply Chain for your specific tooling or pipeline.
Configure Jenkins to send the correct branch name to Semgrep AppSec Platform.
Semgrep Managed Scans provides an alternative to CI-based workflows. It enables you to add repositories to your Semgrep org in bulk without changing your CI workflows.
Packages included in the latest Semgrep docker image.
Use this checklist to ensure a smooth deployment of Semgrep in your organization.
Required software or services to run various Semgrep products.
Required software or services to run various Semgrep products.
Learn about the privacy and legal considerations involved when using Semgrep Assistant.
View sample configuration files to run Semgrep with various CI/CD providers such as GitHub, GitLab, Jenkins, Buildkite, CircleCI, and more.
Learn how to set up the Semgrep Network Broker, which facilitates secure access between Semgrep and your private network.
Learn how to set up a Semgrep OSS CI environment for yourself or your organization.
Set your primary or default branch to ensure Semgrep full scans display accurate counts and deduplicated findings.
SSO configuration instructions.
Semgrep supports more than two dozen languages. Learn about generally available, beta, and experimentally supported languages.
Guidelines on how to add or remove tags through Semgrep AppSec Platform and semgrepconfig.yml file.
Manage user access to projects through Teams.
Not seeing what you expect in Semgrep AppSec Platform? Follow these troubleshooting steps or find out how to get one-on-one help.
Update Semgrep by running the correct commands for your environment or operating system.
Understand GitHub authorization and permissions.