TIPSemgrep’s Swift coverage leverages framework-specific analysis capabilities that are not present in Semgrep Community Edition (CE). As a result, many framework specific Pro rules will fail to return findings if run on Semgrep CE. To ensure full security coverage, run: semgrep login && semgrep ci.
Semgrep Code analyses
Coverage
Semgrep aims to provide comprehensive and accurate detection of common OWASP Top 10 issues in source code. Semgrep uses rules, which are instructions based on which it detects patterns in code. These rules are usually organized in rulesets.
By default, Semgrep Code provides you with the p/comment and p/default rulesets. These rulesets provide the most accurate and comprehensive coverage across Semgrep’s supported languages.
Some examples of rules include:
To view these rules, sign in to Semgrep AppSec Platform.
Swift support in Semgrep Supply Chain
Semgrep Supply Chain is a software composition analysis (SCA) tool that detects security vulnerabilities in your codebase introduced by open source dependencies.
Supported package managers
Semgrep supports the following Swift package manager:
Analyses and features
The following analyses and features are available for Swift: