Semgrep-sast scans all files but I want it to not scan some folders such as the docs folder

I would like to get some ideas on how to exclude files and folders in the SAST testing. I have set up my SAST in my .gitlab-ci.yml and have created my .semgrepignore file, but it seems that it is not being used. Can anyone help me?

Hi @tjmonsi, I’m one of the maintainers of Semgrep. Unfortunately .semgrepignore isn’t yet understood by GitLab’s Semgrep SAST analyzer, but there are some options!

You could add to your GitLab CI/CD pipeline Semgrep CI (here) which natively understands .semgrepignore, or follow along on the GitLab team’s MR that adds pre-scan file exclusion here.

I hope this helps!
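
A sketch of the first option above, added here as an example and not taken from the thread or from GitLab's SAST template: a separate pipeline job that runs Semgrep's own CI command, which reads .semgrepignore from the repository root. The job name, stage, ruleset and ignored paths are assumptions to adapt.

```yaml
# .gitlab-ci.yml (added example; job name "semgrep" and stage "test" are assumptions)
semgrep:
  stage: test
  # Official Semgrep container image, which ships the semgrep CLI.
  image: semgrep/semgrep
  variables:
    # Ruleset to scan with when no Semgrep account token is configured.
    # "p/default" is an assumption; substitute the rules your team uses.
    SEMGREP_RULES: "p/default"
  script:
    # "semgrep ci" honors the .semgrepignore file in the repository root.
    - semgrep ci
  rules:
    # Scan merge requests and pushes to the default branch.
    - if: $CI_MERGE_REQUEST_IID
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

# Matching .semgrepignore, committed at the repository root.
# It uses gitignore-style patterns; the entries below are constructed
# for this example:
#
#   # skip documentation entirely
#   docs/
#   # skip vendored third-party code
#   vendor/
#   # also skip whatever .gitignore already excludes
#   :include .gitignore
```

Providing your own .semgrepignore replaces Semgrep's built-in default ignore list, so list every path you want skipped rather than only the new ones.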

Hi @dlukeomalley, thanks for this. I will look into it. 🙂