semgrep

Semgrep Code is a static application security testing (SAST) tool that detects security vulnerabilities in your first-party code.

You can use Semgrep Code to scan local repositories or integrate it into your CI/CD pipeline to automate the continuous scanning of your code.

login https://semgrep.dev/login

quickstart https://semgrep.dev/docs/getting-started/quickstart

semgrep cli https://semgrep.dev/docs/cli-reference

cli command: semgrep --config auto --output scan_results.sarif --sarif
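A CI gate over the scan_results.sarif file written by the command above, as an added example that is not part of the original notes and is not Semgrep's own code: it reads the SARIF 2.1.0 results and returns a failing exit code when any finding reaches a chosen level. The script name, the fail_at parameter and the embedded sample log are assumptions constructed for illustration.

```python
import json
import sys

# SARIF 2.1.0 result levels, ordered for the gate.
LEVELS = {"none": 0, "note": 1, "warning": 2, "error": 3}

def findings(sarif):
    """Yield (level, rule_id, uri, line) for every result in a SARIF log."""
    for run in sarif.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        # A result may omit "level"; SARIF then uses the rule's
        # defaultConfiguration.level, and "warning" if that is absent too.
        defaults = {r.get("id"): r.get("defaultConfiguration", {}).get("level", "warning")
                    for r in rules}
        for res in run.get("results", []):
            rule_id = res.get("ruleId", "<no ruleId>")
            level = res.get("level") or defaults.get(rule_id, "warning")
            phys = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri", "<unknown>")
            yield level, rule_id, uri, phys.get("region", {}).get("startLine", 0)

def gate(sarif, fail_at="error"):
    """Return (exit_code, blocking); exit_code is 1 if any finding >= fail_at."""
    threshold = LEVELS[fail_at]
    blocking = [f for f in findings(sarif) if LEVELS.get(f[0], 2) >= threshold]
    return (1 if blocking else 0), blocking

def _result(rule_id, uri, line, level=None):
    # Helper that builds one constructed SARIF result for the sample below.
    loc = {"physicalLocation": {"artifactLocation": {"uri": uri},
                                "region": {"startLine": line}}}
    res = {"ruleId": rule_id, "locations": [loc]}
    if level:
        res["level"] = level
    return res

# Constructed sample shaped like a SARIF log; rule ids and paths are made up.
SAMPLE = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "example.rule-a", "defaultConfiguration": {"level": "error"}},
        {"id": "example.rule-b"}]}},
    "results": [_result("example.rule-a", "app/db.py", 42),
                _result("example.rule-b", "app/views.py", 7, "note"),
                _result("example.rule-b", "app/util.py", 3)]}]}

if __name__ == "__main__":
    # Usage (script name is hypothetical): python sarif_gate.py scan_results.sarif
    log = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    code, blocking = gate(log)
    for level, rule_id, uri, line in blocking:
        print(f"{level}: {rule_id} at {uri}:{line}")
    sys.exit(code)
```

Run as a pipeline step after the scan; the non-zero exit code is what stops the build.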
