Semgrep
Language / Framework:
Checks: ~5
Categories:
Semgrep is a lightweight, offline, open-source static analysis tool. Due to licensing, it doesn't ship with the community-created Semgrep rules, but you're free to use these in your own project.
Enable the Plugin
To enable Semgrep analysis, add the following to your .codeclimate.yml configuration file:
plugins:
  semgrep:
    enabled: true
More information about the CLI is available in the README here: https://github.com/codeclimate/codeclimate
Configure the Plugin
You may specify custom settings for the Semgrep plugin under the plugin's config node in your .codeclimate.yml:
plugins:
  semgrep:
    enabled: true
    config:
      - A
      - B
      - C
Understand the Plugin
Updated almost 2 years ago