Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 1 changed file with 6 additions and 7 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,22 +1,21 @@ | ||
## Julia rules for Semgrep | ||
# Julia rules for Semgrep | ||
|
||
[![semgrep-rules-test](https://github.com/JuliaComputing/semgrep-rules-julia/actions/workflows/semgrep-rules-test.yml/badge.svg)](https://github.com/JuliaComputing/semgrep-rules-julia/actions/workflows/semgrep-rules-test.yml) | ||
|
||
Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards. | ||
Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards. | ||
|
||
Semgrep supports the Julia programming language as of version 1.5, from early 2023. This repository contains some early Semgrep rules for Julia. Feedback about these rules are much appreciated. | ||
Semgrep supports the Julia programming language as of version 1.5, from early 2023. This repository contains some early Semgrep rules for Julia. Feedback about these rules are much appreciated. | ||
|
||
There rules are likely to have some false positives and negatives, so feedback will be much appreciated. | ||
There rules are likely to have some false positives and negatives, so feedback will be much appreciated. | ||
|
||
## Quick Start | ||
|
||
* [Install the Semgrep CLI](https://semgrep.dev/docs/getting-started/) | ||
* Clone this repo `git clone https://github.com/JuliaComputing/semgrep-rules-julia.git` | ||
* Run `semgrep -c /path/to/semgrep-rules-julia/ /path/to/your/package` | ||
* Semgrep has good [documentation](https://semgrep.dev/docs/) and [tutorials](https://semgrep.dev/learn/), which have more information about the tool. | ||
* [Semgrep Playground](https://semgrep.dev/playground/) is the best way to experiment with new rules. | ||
|
||
* [Semgrep Playground](https://semgrep.dev/playground/) is the best way to experiment with new rules. | ||
|
||
## Contribute | ||
|
||
We welcome, and appreciate, new analysis rules. Please open a PR to this repo to add your rule to the ruleset. Rules here should be generally be widely, though not necessarily always, applicable. For each rule in its own `.yaml` file, there should be a corresponding `.jl` file with testcases. | ||
We welcome, and appreciate, new analysis rules. Please open a PR to this repo to add your rule to the ruleset. Rules here should be generally be widely, though not necessarily always, applicable. For each rule in its own `.yaml` file, there should be a corresponding `.jl` file with testcases. |
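Review bot: Most changed lines in this hunk ("Semgrep is a fast, open source, ...", "Semgrep supports the Julia programming language ...", "There rules are likely ...", and the Contribute paragraph) read identically on both sides, so the difference lies in characters that are not visible here, and the page flags the file as containing bidirectional Unicode text. Please say in the commit message which invisible characters were stripped or added, and confirm in an editor that reveals hidden characters that no bidirectional control characters remain in the README. Since these lines are being rewritten anyway, the wording errors they carry could be fixed in the same change: "There rules are likely" should read "These rules are likely", "Feedback about these rules are much appreciated" should use "is", and "should be generally be widely" has a duplicated "be". The heading change from "## Julia rules for Semgrep" to "# Julia rules for Semgrep" looks right for a top-level README title. The "Semgrep Playground" bullet appears twice in the Quick Start region of the hunk, so check that the resulting file lists it only once.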