Why can I not see PR/MR comments on my CI platform? I have created my CI config file correctly as well as I have installed the Semgrep app onto my organization. I am able to get email notifications working but not with the others.
Related Questions in PULL-REQUEST
- How to restrict repo collaborators from approving pull requests?
- How to convert GitHub squash and merge commits to merge commits?
- PRs that were assigned to my team to be reviewed
- How do I request a PR review from GitHub users that can accept my pull request?
- Data Factory triggers two releases on Azure DevOps after Pull Request
- Gitkraken can not access pull requests on GitLab
- How can I know all git changes using some GitHub command.?
- GitHub Pull Requests with multiple CODEOWNERS approval behavior
- GitHub pull request icon status check in case of failed non required checks
- Only allow cross-fork PR from specific Bitbucket branch
- My issue is when multiple jobs fail in the pipeline, only one error gets reported back to the pull request
- How to get latest commit to be pulled for a PR?
- Is there a way to automatically merge pull requests created by dependabot?
- Unlink commits/Files during creating a Pull request from One branch to other
- how to render an image from the code repo in github pull request body
Related Questions in MERGE-REQUEST
- GitLab "Merged Result" Pipeline - Does it change all existing pipelines?
- adding more than one reviewer to a gitlab merge request
- Trigger jobs on a CI/CD pipeline on merge of the merge request
- Add Default Thread to Gitlab Merge Requests
- How to run a job only once a MR gets merged and know what MR got merged?
- "Remove all commits" when a commit added is not working after adding a new commit
- How to Add a Note to a GitLab Merge Request Post-Successful Merge?
- Merge Request Job stuck in Gitlab Pipeline
- Git Pipeline Fails ModuleNotFoundError of Own Module
- Automatic merge of an MR on GitLab
- Select commits from gitlab develop branch to create merge request to main
- Jenkins-GitLab Integration: How to Clone Source Branch of Merge Request in Jenkins?"
- GitLab prevent commits to existing merge request
- How can I create a private merge request template with GitLab?
- Multiline comment on merge request with GitLab REST API
Related Questions in SEMGREP
- Semgrep determine value of function parameter
- CWE-918 with Spring @Value parameters
- Download Full Semgrep Ruleset / Multiple rules in one file
- How do I find lines of code using semgrep CLI?
- How to ignore the semgrep check in this condition
- how to ignore a single rule globally with semgrep
- Load XSLT in Java code and parse it securely
- Enforcing dictionary access via .get(...) to prevent KeyErrors
- Semgrep: A scalable way of catching all cases in a multiline f-strings
- How to fix "SemgrepError Error while running rules: 0 bytes read on a total of 2 expected bytes" error for SemGrep analyzer?
- Need help to fix 'ensure that user-controlled variables in file paths are validated' semgrep scan issue
- SQL Injection with Semgrep/Spotbugs
- semgrep - any way to strip out terminal codes in its default output?
- Can SonarQube really detect memory leaks?
- regex matching duplicates in a comma separated list
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
The first way to make sure that you are receiving PR/MR comments is to make sure that your CI config file has the correct rule that allows for PR/MR comment scanning. For example, for Github Actions
on: pull_request {}rule whereas for Gitlab, you will have to use the- if: $CI_MERGE_REQUEST_IIDrule. Regarding other CI platforms feel free to look at the Sample CI configurations section of the Semgrep Docs.The second way is to make sure you are actually performing an PR/MR scan. You can be notified this via the run logs/CLI logs. Please make sure the triggering event of the scan is a pull_request and not anything else like the following screenshot: Image of scan with a push trigger event.
And finally, Semgrep only leaves PR comments on brand new issues which will require changing the source code that is being scanned or re-instating your current project.