Hi, I have been using GitLab SAST since the default scanner for Python was still Bandit. Now with the change to Semgrep as the default scanner, I was wondering if there are any changes to the severity of the vulnerabilities found?
Before the change there were some High/Medium and Low severity vulnerabilities found in my project, but after switching to Semgrep it seems that only Critical/Medium and Info severities can be detected.
I am wondering if the Semgrep Bandit rules are different from the original Bandit rules, and if not, why can Semgrep only detect those 3 levels?
Would appreciate any help. Thanks.