Skip to content

Commit 3a48d16

Browse files
armchairlinguistarmchairlinguist
authored
Align style and be clearer about versions & defaults (#2062)
1 parent 47d2139 commit 3a48d16

File tree

1 file changed

+17
-31
lines changed

1 file changed

+17
-31
lines changed

docs/kb/semgrep-code/semgrepignore-ignored.md

+17-31
Original file line numberDiff line numberDiff line change
@@ -7,37 +7,23 @@ description: Why am I getting findings in files that should be ignored?
77

88
# Why am I getting findings in files that should be ignored?
99

10-
If you don't have already a `.semgrepignore` file, refer to our
11-
[guide on how to exclude files from Semgrep
12-
scans](/docs/ignoring-files-folders-code). Otherwise, if
13-
you already have a `.semgrepignore` file, read on.
14-
15-
Starting with Semgrep CE 1.112.0, the Semgrepignore specification has
16-
changed slightly to better align with Git and Gitignore and to offer
17-
more flexibility.
18-
The new specification is referred to as
19-
[Semgrepignore v2](/docs/semgrepignore-v2-reference).
20-
If you're getting findings in files that should have been
21-
ignored according to your `.semgrepignore` file, check the
22-
following:
23-
24-
1. If you're using Git, check that the `.semgrepignore` file is at the
25-
root of the Git project or at least is within the project.
26-
`.semgrepignore` files can be placed in any folder in the project
27-
and follow the same specification as `.gitignore` files,
28-
which they extend.
29-
2. If you're not using Git, check that the `.semgrepignore` file
30-
is in the folder passed on the `semgrep scan` command line.
31-
For example, if the command is `semgrep scan foo/`, you must move
32-
the `.semgrepignore` file from the current folder
33-
to `foo/.semgrepignore`.
34-
35-
To ensure you're using Semgrepignore v2, pass the flag
36-
`--semgrepignore-v2` to `semgrep scan` or to `semgrep
37-
ci`. To use the legacy Semgrepignore v1 implementation, use
38-
`--no-semgrepignore-v2`. These options are for troubleshooting the
39-
migration from v1 to v2. These flags will be removed when v2 becomes
40-
only implementation available.
10+
If you don't have already a `.semgrepignore` file, refer to our [guide on how to exclude files from Semgrep scans](/docs/ignoring-files-folders-code).
11+
12+
If you already have a `.semgrepignore` file and are not seeing the results you expect, you may be seeing the effect of changes in Semgrep 1.117.0 and above. Starting with Semgrep 1.117.0, the Semgrepignore specification has changed slightly to better align with Git and Gitignore and to offer more flexibility. The new specification is referred to as [Semgrepignore v2](/docs/semgrepignore-v2-reference).
13+
14+
## Requirements for Semgrepignore v2
15+
16+
### If you're using Git
17+
18+
Place the the `.semgrepignore` file in root of the Git project (preferred) or in any folder in the project where you want to consistently ignore some files. `.semgrepignore files follow the same specification as `.gitignore` files, which they extend.
19+
20+
### If you're not using Git
21+
22+
Place the `.semgrepignore` file in the folder passed on the `semgrep scan` command line. For example, if the command is `semgrep scan foo/`, and the `.semgrepignore` file is in the current directory, move the `.semgrepignore` file from the current directory to `foo/.semgrepignore`.
23+
24+
## Troubleshooting Semgrepignore v2 issues
25+
26+
To ensure you're using Semgrepignore v2, pass the flag `--semgrepignore-v2` to `semgrep scan` or to `semgrep ci`. To use the legacy Semgrepignore v1 implementation, use `--no-semgrepignore-v2`. These options are for troubleshooting the migration from v1 to v2. These flags will be removed when v2 becomes the only implementation available.
4127

4228
## Best practices
4329

0 commit comments

Comments
 (0)