16 docs tagged with "Semgrep Supply Chain"

Apache Maven

Set up Semgrep Supply Chain to correctly detect packages in Maven.

Customization

Customize how Semgrep Supply Chain scans your codebase's open source dependencies.

Dependency search

Search through all your dependencies in all your onboarded repositories at any time.

Glossary

Glossary of terms related to software composition analysis and Semgrep Supply Chain.

Jenkins UI

Configure Jenkins to send the correct branch name to Semgrep Cloud Platform.

License compliance

Semgrep Supply Chain can detect and list a package's license. Prevent or exempt certain packages from being used based on their licenses.

Overview

Learn how Semgrep leverages its engine to scan open source dependencies with high-signal rules.

SBOM

Generate a CycloneDX JSON or XML SBOM to view all dependencies of a repository.

Supported languages

Semgrep supports more than two dozen languages. Learn about generally available, beta, and experimentally supported languages.

Triage and remediation

Perform triage and remediation of dependency vulnerabilities through Semgrep Supply Chain.