Semgrep AppSec Platform Policies can contain both individual rules and rulesets, which are curated groups of rules recommended for particular purposes. All organizations start with two rulesets: the default ruleset, which is a good starter pack for security teams, and the comment ruleset, which is a good starter pack for developers.
As Semgrep adds new rules to improve coverage, some of these rules are also added to rulesets. If you add a ruleset to your organization’s policies, any new rules added to the ruleset automatically become a part of your policies as well.
The default and comment rulesets are initially added in Monitor mode, where the findings generated by the rules are primarily intended for security teams to review. You can also add new rulesets to your policies from the Semgrep Registry.
When you add a ruleset through the registry, you can add it in any policy mode: Monitor, Comment, or Block. The mode you choose will determine the mode for future rules that are added to that ruleset.
Even if you later change some or all rules from a ruleset to a different mode, the default mode for the ruleset does not change. Therefore, when new rules are added to the ruleset, they are added in the original mode.