-
**Describe the bug**
I have an error when I do a simple scan.
**To Reproduce**
I can only reproduce it on:
* Python 3.9
* semgrep 0.77.0, 0.76.0 (seems not here in 0.75.0)
```shell
python -…
```
-
**Describe the bug**
It would appear that `semgrep scan --validate` is not invoking semgrep-core correctly.
`semgrep scan --validate --config="p/owasp-top-ten" --debug`
```
[00.00][DEBUG]: s…
```
-
**Describe the bug**
Semgrep fails with exit code 2 on GitLab Merge Request if '--no-suppress-errors' is set and there are no files to scan.
**To Reproduce**
Create a merge request in GitLab.
Ma…
-
**Describe the bug**
The `rule:python.django.correctness.nontext-field-must-set-null-true.nontext-field-must-set-null-true` triggers false positives when `models` is imported from `django.contrib.gis…
-
Generally, users still want scans to complete even if one rule is bad so that they aren't blocked. Need a solution that warns users sufficiently loudly but allows them to push code
emjin updated
2 years ago
-
**Describe the bug**
It looks like `--strict` causes semgrep to report an error on a `nosem` inline ignore if it contains rule_ids that do not match
a rule_id of a finding that fired on that line…
-
### Source issue
https://gitlab.com/gitlab-org/gitlab/-/issues/373113
**Describe the bug**
GitLab Customer reported that their Semgrep SAST job fails while "Creating report". They discovered …
-
A fatal error is triggered when running `semgrep ci`. The error condition seems to be triggered only when run with multiple rulesets and a sufficiently large source tree.
Running `semgrep scan` sep…
-
Some rules are available in the registry, but not in this semgrep-rules repository:
* [python.lang.security.audit.dangerous-spawn-process.dangerous-spawn-process](https://registry.semgrep.dev/rule/…
-
**Describe the bug**
When using diff-aware scanning via `--baseline-commit` / `SEMGREP_BASELINE_COMMIT` (e.g. on a non-main branch in CI), a file that is renamed in a way that moves it from being i…