Skip to content

jtmelton/semgrep-idea-plugin

BranchesTags

Repository files navigation

semgrep-idea-plugin

Build Version Downloads

Description

The semgrep-idea-plugin is a simple wrapper tool for the Semgrep tool (see GitHub). This should allow you to work in your code environment as you normally would, and receive semgrep notifications in the IDE.

(Unofficial) This is a simple wrapper for the semgrep open source tool. See https://github.com/jtmelton/semgrep-idea-plugin for more details. (Unofficial) For the official plugin, see https://github.com/returntocorp/semgrep-intellij.

Installation

  • Using IDE built-in plugin system:

    Preferences > Plugins > Marketplace > Search for "semgrep-idea-plugin" > Install Plugin

  • Manually:

    Download the latest release and install it manually using Preferences > Plugins > ⚙️ > Install plugin from disk...

Configuration

  • semgrep-wrapper:

    At the moment you need to create a wrapper for the semgrep tool. This is necessary because the IDEA plugin has issues with the python env. Having said that, this may change in the future. The key pieces here are that you should:

    • include the full path to semgrep
    • add the json parameter - we expect to parse the json blob to report findings
    • expect 2 parameters: 1) rules file/directory, and 2) file to analyze
       #!/bin/sh
   
   export PATH="/usr/local/Cellar/semgrep/0.31.1/bin/:$PATH"
   
   if [ "$#" -ne 2 ]; then
       echo "You must enter exactly 2 command line arguments: the rules file/dir first, and the file to analyze second"
   fi
   
   /usr/local/Cellar/semgrep/0.31.1/bin/semgrep --config $1 $2 --json --error

  • Binary path setting:

    To update this setting,

    • Go to CMD + , or CTRL + , or Intellij IDEA -> Preferences
    • Go to Tools
    • Go to Semgrep Settings
    • Set "Binary / Run Script Location (fully qualified file path): "

    In this field you should enter the fully qualified path to the semgrep-wrapper file you created in the step above

  • Binary path setting:

    To update this setting,

    • Go to CMD + , or CTRL + , or Intellij IDEA -> Preferences
    • Go to Tools
    • Go to Semgrep Settings
    • Set "Rules Location (fully qualified file path): "

    In this field you should enter the fully qualified path to the semgre rules file or a directory containing one or more semgrep rules files

Plugin based on the IntelliJ Platform Plugin Template.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

17 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages