29 docs tagged with "Semgrep Supply Chain"

Apache Maven

Set up Semgrep Supply Chain to correctly detect packages in Maven.

C#

Detailed documentation for Semgrep's C# support.

Go

Detailed documentation for Semgrep's Go support.

Java

Detailed documentation for Semgrep's Java support.

JavaScript

Detailed documentation for Semgrep's JavaScript support.

Jenkins UI

Configure Jenkins to send the correct branch name to Semgrep AppSec Platform.

Kotlin

Detailed documentation for Semgrep's Kotlin support.

License compliance

Semgrep Supply Chain can detect and list a package's license. Prevent or exempt certain packages from being used based on their licenses.

Manage policies

Use policies to define the conditions in which developers are notified of a finding or potentially blocked from merging their PR or MR.

Overview

Learn how Semgrep leverages its engine to scan open source dependencies with high-signal rules.

Ruby

Detailed documentation for Semgrep's Ruby support.

SBOM

Generate a CycloneDX JSON or XML SBOM to view all repository dependencies.

Scala

Detailed documentation for Semgrep's Scala support.

Swift

Detailed documentation for Semgrep's Swift support.

Triage and remediate

Perform triage and remediation of dependency vulnerabilities through Semgrep Supply Chain.

Upgrade guidance

Know if a vulnerable package or dependency can be easily and reliably upgraded to a fixed version.