A comprehensive Azure DevOps pipeline extension for Semgrep security scanning with advanced ticket creation, summary reporting, auto-fix PR capabilities, and enterprise-grade error handling.
The Semgrep Azure DevOps Extension is a comprehensive pipeline tool that integrates Semgrep security scanning directly into Azure DevOps workflows. It enables teams to automatically scan code for vulnerabilities using Semgrep's SAST, SCA, and license compliance engines, then create Azure DevOps work items for findings, generate detailed summary reports, and optionally create auto-fix pull requests with suggested remediations. This extension is designed for security-conscious development teams using Azure DevOps who want to automate their security scanning process and ensure vulnerabilities are properly tracked and addressed. It's particularly valuable for organizations implementing DevSecOps practices, as it provides enterprise-grade error handling, performance optimizations, and comprehensive filtering options to control which findings are reported and tracked.
Recipients
How the donated funds are distributed
Support the dependencies
Support the repos that depend on this repository
Top contributors
Recent events
Kivach works on the Obyte network, and therefore you can track all donations.
