Semgrep

Semgrep is a fast, open-source static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.

Prerequisite: Make sure you have set up an account in Semgrep or obtained the API keys from an admin.

  1. On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).

  2. Click + Add task.

  3. Select Semgrep from PRESET PLUGINS.

  • Enter a relevant name in the Task name field. It is a mandatory field.

  • Enter a descriptive message for the task in the Description field. It is an optional field.

  • Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.

  • Trigger/Skip Condition refers to a conditional statement to execute or skip the task. You can select either:

    • Set trigger conditions or

    • Set skip conditions

  • Click Update Pipeline.
