Semgrep's May 2022 updates

Semgrep has enhanced its static analysis tool with several significant updates aimed at improving its effectiveness and user experience. The introduction of DeepSemgrep, a private beta extension, allows cross-file analysis for Java and Ruby, reducing false positives and negatives by analyzing complex vulnerabilities that span multiple files. This complements Semgrep's existing features, which are valued for their speed and simplicity. The new Playground offers a more developer-friendly interface, enabling users to write, test, and share rules more efficiently, aligning its functionality with the Editor. Additionally, Semgrep now supports GitHub Enterprise and GitLab Self-Managed, allowing inline comments for security issues, and introduces Autofix suggestions for developers to implement code fixes directly from their platforms. A default ruleset has also been added to provide optimal results without extra configuration, reinforcing Semgrep’s position as a preferred tool among security engineers for identifying vulnerabilities.