Documentation Index
Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
Use this file to discover all available pages before exploring further.
WHAT IS A PROJECT IN SEMGREP APPSEC PLATFORM?A project is a repository, or part of a repository, that you scan through Semgrep AppSec Platform, either using CI or Semgrep Managed Scans. This also includes local CLI scans whose results you have sent for viewing on Semgrep AppSec Platform. A project’s scans can be viewed on the Project details page, and its findings can be viewed on the individual Semgrep products’ Findings pages.
- The Scanning tab lists all projects that have been provisioned or scanned by Semgrep, regardless of whether the project is actively being scanned. If the project’s repository has been archived in the source code manager, it is listed under Not scanning.
- The Not scanning tab lists projects that are associated with source code manager (SCM) connections that you’ve added, but which aren’t actively being scanned by Semgrep. For GitHub, GitLab, and Bitbucket Data Center, the Not scanning page also lists projects where you’ve archived the corresponding SCM repositories.
Findings from a project marked as archived still show in the Semgrep AppSec Platform Findings pages.
Sort projects
View all projects by navigating to Semgrep AppSec Platform and clicking Projects. To sort projects, click the attribute you want to sort by on the header row. You can only sort by one attribute. Sort by the following attributes:- Project: Click to toggle between sorting project names alphabetically in ascending or descending order.
- Last scan: Click to toggle between sorting the projects’ latest scans in ascending or descending order. The sorting is based on when the last scan started, regardless of its status. For this reason, you may see that scans with statuses such as Not started or Never finished are not necessarily grouped together.
Filter a project’s scans
Navigate to the Projects section in Semgrep AppSec Platform.
NOTEScan details, such as logs, are available for scans run in the past 1 month. Semgrep AppSec Platform does not display scan details older than 30 days, since this introduces performance issues due to the increased volume of stored scan data.
Run scans in bulk
You can scan multiple projects at once from the Projects page. This is useful when you want to rescan multiple projects after changing your ruleset or configuration. To run scans in bulk, select all the projects of interest and click Scan.Scan details and logs
To view the latest scan’s details from the Projects page:Permalinks to scan details
You can link to a specific scan’s details to share with collaborators or for troubleshooting. Click the link icon on the header to copy the permalink.Project details page
Each project listed on the Projects page has its own Project detail page, which you can access by clicking the window icon under the Details column. The Project detail page is where you can filter scans, configure settings, and view detailed logs for each scan that has been run. Use the Project detail page to:- View trends over time, such as longer or shorter scan durations.
- Share information when troubleshooting scans through the Scans tab.
- Update a project’s tags, primary branch, and path ignores through the Settings tab.
Configure project settings
You can configure a project’s settings by going to the Project details page and clicking the Settings tab. See the following pages for more information:- Configure Semgrep AppSec Platform to ignore specific file paths.
- For Semgrep Managed Scans users: configure your scans.
- Set a primary branch.
- Set tags.
Delete a project
Deleting a project removes all of its findings, metadata, and other records from Semgrep AppSec Platform.
To delete an archived project:
INFOIt can take up to a day (24 hours) for the Dashboard to correctly update and remove findings associated with a recently deleted project.