Semgrep Rulesets
This ruleset is intended to produce few false positives and is safe for use in CI/CD pipelines.
Default ruleset, curated by Semgrep
Scan code for potential security issues that require additional review. Recommended for teams looking to set up guardrails or to flag troublesome spots for further review.
Default ruleset for Python, curated by Semgrep.
Rules from the preeminent Node.js security scanner, NodeJSScan.
Default ruleset for JavaScript, curated by Semgrep.
Most common client-side JavaScript XSS vulnerabilities.
Default ruleset for Go, curated by Semgrep.
Use Semgrep as a universal linter to identify vulnerabilities in your code base with the bandit (https://github.com/PyCQA/bandit) rule pack.
Default ruleset for Django, by Semgrep
Default ruleset for TypeScript, curated by Semgrep.
Use Semgrep as a universal linter to identify vulnerabilities in your code base with the gosec (https://github.com/securego/gosec) rule pack.
Use Semgrep as a universal linter to identify vulnerabilities and code smells in your code base with the FindSecBugs (https://find-sec-bugs.github.io/) rule pack.
Default ruleset for Flask, curated by Semgrep.
React security rules.
Find XSS vulnerabilities in your code base.
Cross-site scripting (XSS) secure defaults for Express.js
Avoid common JWT security mistakes.
Rule pack for detecting insecure transport in Node.js.
All the Python rules as of July 7, 2020.
Secure defaults for XSS in Go.
A collection of opinionated rules for best practices in popular languages. Recommended for users who want really strict coding standards.