Welcome! This repository contains Semgrep's Community Edition rules.
In addition to the rules in this repository, the Semgrep Registry offers proprietary Pro rules that offer additional language coverage, and unlock crossfile and deep dataflow analysis.
To start writing and using Semgrep rules, see Learn Semgrep syntax and Writing rules. Then, run existing and custom Semgrep rules locally with the Semgrep command line interface (Semgrep CLI) or continuously with Semgrep in CI while using Semgrep AppSec Platform.
See Writing rules for information including:
You can also learn how to write rules using the interactive, example-based Semgrep rule tutorial.
We welcome Semgrep rule contributions directly to this repository! When submitting your contribution, you grant Semgrep, Inc. a license to use, modify, and distribute your contribution under the Semgrep Rules License v. 1.0. This ensures your rule can be shared with other Semgrep Registry users.
To contribute, please review our Contributing to Semgrep rules guidelines.
You can also reach out to us at support@semgrep.com, and we will help import your rules for others to use!
Join Slack for the fastest answers to your questions! Or contact the team at support@semgrep.com.
GitHub action to run testsIf you fork this repository or create your own, you can add a GitHub Action to your workflow that will automatically test your rules using the latest version of Semgrep. See our semgrep-rules-test example.
Rulesets are groups of rules organized by purpose, language, or framework sourced from the Semgrep Registry. If you want to modify existing rulesets or create your own, please contact us at support@semgrep.com.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4