semgrep
Semgrep Code is a static application security testing (SAST) tool that detects security vulnerabilities in your first-party code.
You can use Semgrep Code to scan local repositories or integrate it into your CI/CD pipeline to automate the continuous scanning of your code.
login https://semgrep.dev/login
quickstart https://semgrep.dev/docs/getting-started/quickstart
semgrep cli https://semgrep.dev/docs/cli-reference
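CLI command (scans the current directory with automatically selected rules and writes the results to scan_results.sarif in SARIF format):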
semgrep --config auto --output scan_results.sarif --sarif
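
In a CI/CD pipeline the SARIF file usually feeds a gate that decides whether the build may continue. The script below is an added example, not code from Semgrep or its documentation: it reads a SARIF 2.1.0 file such as scan_results.sarif, lists each finding, and exits non-zero when any finding has level "error". The function names findings and gate, the sample document, and its rule ids are constructed for illustration.

```python
import json
import sys
from collections import Counter

# Constructed sample in SARIF 2.1.0 shape (not real Semgrep output); rule ids are made up.
SAMPLE_SARIF = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "Semgrep", "rules": [
        {"id": "example.sql-injection", "defaultConfiguration": {"level": "error"}},
        {"id": "example.weak-hash", "defaultConfiguration": {"level": "warning"}},
    ]}},
    "results": [
        {"ruleId": "example.sql-injection", "message": {"text": "tainted query"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "app/db.py"}, "region": {"startLine": 42}}}]},
        {"ruleId": "example.weak-hash", "level": "note", "message": {"text": "md5 used"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "app/auth.py"}, "region": {"startLine": 7}}}]},
        {"ruleId": "example.unknown", "message": {"text": "no metadata"}, "locations": []},
    ],
}]}

def findings(sarif):
    """Yield (level, rule_id, uri, line, message) for every result in every run."""
    for run in sarif.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        defaults = {r.get("id"): r.get("defaultConfiguration", {}).get("level") for r in rules}
        for res in run.get("results", []):
            rule_id = res.get("ruleId", "<no-rule-id>")
            # SARIF fallback order: result level, else the rule's default level, else "warning".
            level = res.get("level") or defaults.get(rule_id) or "warning"
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "<unknown>")
            line = loc.get("region", {}).get("startLine", 0)
            yield level, rule_id, uri, line, res.get("message", {}).get("text", "")

def gate(sarif, fail_on=("error",)):
    """Return (exit_code, counts per level); exit code is 1 if any blocking level appears."""
    counts = Counter(f[0] for f in findings(sarif))
    return (1 if any(counts[lvl] for lvl in fail_on) else 0), dict(counts)

if __name__ == "__main__":
    data = SAMPLE_SARIF  # used when no file argument is given
    if len(sys.argv) > 1:  # e.g. scan_results.sarif
        with open(sys.argv[1], encoding="utf-8") as fh:
            data = json.load(fh)
    for level, rule_id, uri, line, msg in findings(data):
        print(f"{level:8} {uri}:{line} {rule_id}: {msg}")
    sys.exit(gate(data)[0])
```

Pass the SARIF file path as the only argument; with no argument the script runs on the embedded sample.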