j3ssie / curated-semgrep-rules

Curated Collection of Popular Community Rules for Semgrep

This repository aims to provide a comprehensive set of effective Semgrep rules that have been contributed and vetted by the community.

Usage

# update the rules
./update-rules.sh

# validate all the rules
semgrep scan -j 100 -v --config ./rules --validate .

# run the actual scan
# '--config r/default' also includes Semgrep's public rules
semgrep scan -j 100 --config r/default --config ./rules vulnerable-source-code

Special Thanks

Special thanks to the following repositories whose contributions have been instrumental in curating this collection of Semgrep rules:

Disclaimer

While these rules are developed and shared with the intent of improving code quality and security, they might not cover every possible scenario. Always exercise caution and perform comprehensive testing in conjunction with other security measures.


Languages

Solidity 45.2%, Java 15.2%, JavaScript 11.1%, Scala 7.2%, C 6.8%, Go 5.5%, Python 4.2%, C# 1.4%, PHP 0.9%, Kotlin 0.7%, Lua 0.6%, HCL 0.6%, Shell 0.2%, Rust 0.1%, C++ 0.1%, TypeScript 0.1%, Makefile 0.1%, HTML 0.1%