Semgrep is an open-source static analysis tool designed to scan code for security vulnerabilities and code quality issues.
Configuration
Semgrep uses a YAML style configuration file. By default, we will automatically use the following files if any are set in the root directory of your repository.
- semgrep.yml or semgrep.yaml
- semgrep.config.yml or semgrep.config.yaml
- User-defined config file set at reviews.tools.semgrep.config_file in your project’s .coderabbit.yaml file or setting the “Reviews → Tools → Semgrep → Config File” field in CodeRabbit’s settings page.
CodeRabbit will only run Semgrep if your repository contains a Semgrep config file. This config must use the default file names, or you must define the path to this file in the .coderabbit.yaml or config UI.
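As an added example (not taken from the CodeRabbit documentation), a .coderabbit.yaml that sets reviews.tools.semgrep.config_file to a non-default path, followed by the Semgrep rule file that path refers to; the file path rules/semgrep.yml and the rule ids are assumptions, and the two files are shown in one block separated by a YAML document marker.

```yaml
# File 1 (assumed path): .coderabbit.yaml at the repository root.
# Only needed when the rule file is not named semgrep.yml, semgrep.yaml,
# semgrep.config.yml or semgrep.config.yaml in the repository root.
reviews:
  tools:
    semgrep:
      config_file: "rules/semgrep.yml"   # relative to the repository root
---
# File 2 (assumed path): rules/semgrep.yml, the rule set the key above points at.
rules:
  - id: python-subprocess-shell-true
    languages: [python]
    severity: ERROR
    message: >-
      subprocess call with shell=True lets the shell interpret the command
      string; pass an argument list and drop shell=True.
    # $FUNC matches run, call, Popen, etc.; "..." matches any other arguments.
    pattern: subprocess.$FUNC(..., shell=True, ...)
    metadata:
      category: security

  - id: python-yaml-unsafe-load
    languages: [python]
    severity: WARNING
    message: >-
      yaml.load without a safe Loader can instantiate arbitrary objects from
      untrusted input; use yaml.safe_load or Loader=yaml.SafeLoader.
    patterns:
      - pattern: yaml.load($DATA, ...)
      # The hardened forms are excluded so they are not reported.
      - pattern-not: yaml.load($DATA, Loader=yaml.SafeLoader)
      - pattern-not: yaml.load($DATA, yaml.SafeLoader)
    metadata:
      category: security
```

Findings from these rules are what CodeRabbit surfaces on the pull request; the rule file is ordinary Semgrep syntax, so it can be validated locally with the Semgrep CLI before being committed.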
Files
Semgrep will run on the following file types:
- C/C++ (.c, .cpp, .cc, .cxx, .c++, .h, .hpp, .hh, .hxx, .h++)
- C# (.cs)
- Go (.go)
- Java (.java)
- JavaScript (.js, .jsx)
- Kotlin (.kt)
- Python (.py)
- TypeScript (.ts)
- Ruby (.rb)
- Rust (.rs)
- PHP (.php)
- Scala (.scala)
- Swift (.swift)
- Terraform (.tf)
- JSON (.json)