> ## Documentation Index
> Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Semgrep Code product terms

> The terms and definitions provided here are specific to Semgrep Code.

For rule-writing and SAST (static application security testing) terms, see the [Rule-writing glossary](/writing-rules/glossary).

## Default branch

Also known as a **mainline**, **primary**, or **trunk** branch. In many cases, Semgrep automatically detects these branches as primary branches when it first scans your project. If you have projects (repositories) with unique primary branch names, you can set them through the Semgrep web app.

## Diff-aware scan

A diff-aware scan is a type of scan that shows only the findings that have been caused by changes in files starting from a specific Git baseline. It is typically performed on feature branches when a pull request or merge request is opened. Unlike full scans, diff-aware scans only consider changes within modified files. At this time, cross-file analysis is not supported for diff-aware scans.

## Full scan

A full scan scans the entire codebase or Git repository in its current state. It is typically performed on trunk or mainline branches, such as `main`. Semgrep, Inc. recommends performing full scans on a recurring basis, such as daily or weekly.

## Policy

A policy defines the set of rules that Semgrep runs and the workflow actions it undertakes when a rule from the policy generates a finding. The workflow action performed by Semgrep when it detects a finding can include notifying Slack channels or posting a comment in the pull request or merge request that generated the finding.

Not to be confused with **policy-as-code**.

## Registry (Semgrep Registry)

A [collection of publicly available SAST rules](https://semgrep.dev/r) that you can download. Rules can be filtered by language, OWASP bug class, severity, and so on. [Contributions are welcome](/contributing/contributing-to-semgrep-rules-repository).

Rules are frequently organized by [rulesets](#ruleset), enabling you to find related rules by framework and language.

### Sources of rules

The Registry contains rules imported from various repositories. These include rules authored by other individuals or groups, such as Trail of Bits and GitLab.

You can view a rule's `license` key to ensure the license meets your needs.

## Ruleset

Rulesets are rules related through a programming language, OWASP category, or framework. Rulesets are curated by the team at Semgrep and updated as new rules are added to the Semgrep Registry.

## Scan target

A scan target is any file, or collection of files and directories that Semgrep can scan. While Semgrep can scan **any** text file through `generic` mode, Semgrep primarily scans the following:

### Codebase

Any code files within a specified directory and its subdirectories.

### Project

A repository or codebase that you have added to Semgrep Cloud Platform for scanning along with finding metadata and other Semgrep data and resources.

### Repository

A location, typically remote, for source code, including metadata relating to the source code. Semgrep supports Git repositories.
