semgrep

Why am I seeing new findings on my code when I have changed nothing at all?


I haven't touched my code base or my rule board for a little while (I haven't added or removed any rules). Why am I seeing new findings? Is this a known bug? What could be going on here?


Solution

  • If you see new findings on code that has not changed recently, and your rule configuration has not changed either, the most likely cause is an update to the rules you are using rather than a bug in the scan.

    Rules in the registry are revised over time: a rule may be broadened so that it covers more code patterns, or narrowed so that it reports only more specific cases. Either kind of change alters which lines match, so new findings (and occasionally dropped findings) can appear in code that has not been edited at all. Comparing the current rule definition with the version from your last clean scan will usually show which pattern change introduced the finding.
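As an added illustration (not a rule from the Semgrep registry; the rule id, message and matched calls are hypothetical), here is the same rule in two versions. The first matches only `hashlib.md5(...)`; the second broadens it with `pattern-either` to also cover `hashlib.sha1(...)` and `hashlib.new("md5", ...)`. A file containing `hashlib.sha1(data)` produces no finding under version 1 and a new finding under version 2, even though neither the file nor the scan configuration changed.

```yaml
# Version 1 of a hypothetical rule: matches only direct md5() calls.
rules:
  - id: example-weak-hash            # hypothetical rule id
    languages: [python]
    severity: WARNING
    message: Weak hash function used; prefer sha256 or stronger.
    pattern: hashlib.md5(...)

---
# Version 2 of the same rule, broadened to cover more weak-hash spellings.
# Code that was previously clean now matches via the added alternatives.
rules:
  - id: example-weak-hash            # same id, wider coverage
    languages: [python]
    severity: WARNING
    message: Weak hash function used; prefer sha256 or stronger.
    pattern-either:
      - pattern: hashlib.md5(...)
      - pattern: hashlib.sha1(...)            # newly covered
      - pattern: hashlib.new("md5", ...)      # newly covered
```

To reproduce the effect locally, save each version to its own file and run `semgrep scan --config <rule-file> <path>` against the same unchanged source tree; the difference in results comes entirely from the rule text. When a finding appears without a code change, diffing the rule definition this way is the quickest way to confirm a rule update is responsible.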