Skip to main content

15 docs tagged with "Semgrep Supply Chain"

View All Tags

Apache Maven

Set up Semgrep Supply Chain to correctly detect packages in Maven.

Dependency search

Search through all your dependencies in all your onboarded repositories at any time.

Jenkins UI

Configure Jenkins to send the correct branch name to Semgrep AppSec Platform.

License compliance

Semgrep Supply Chain can detect and list a package's license. Prevent or exempt certain packages from being used based on their licenses.

Overview

Learn how Semgrep leverages its engine to scan open source dependencies with high-signal rules.

SBOM

Generate a CycloneDX JSON or XML SBOM to view all dependencies of a repository.

Triage and remediation

Perform triage and remediation of dependency vulnerabilities through Semgrep Supply Chain.