From 022a7fbd33849eface1cbd56da1b379dd84dbb05 Mon Sep 17 00:00:00 2001 From: Alexis Grant Date: Wed, 17 Dec 2025 12:00:17 -0800 Subject: [PATCH 1/2] Clarify that new findings from added/updated rules applies to full scans The bot got confused and thought this might apply to diff scans, and presumably some humans could get confused too! So we'll make it very clear and explicit. --- docs/kb/semgrep-code/unexpected-new-findings.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/kb/semgrep-code/unexpected-new-findings.md b/docs/kb/semgrep-code/unexpected-new-findings.md index 1abbcfb434..b6b6af6d07 100644 --- a/docs/kb/semgrep-code/unexpected-new-findings.md +++ b/docs/kb/semgrep-code/unexpected-new-findings.md 
@@ -7,9 +7,9 @@ description: This may be occurring because rule coverage has increased. # Why are there more Semgrep findings when the code hasn't changed? -If the rules you're using in Semgrep have changed since you last scanned your code, you may see more findings even if your code has not changed. +If the rules you're using in Semgrep have changed since you last performed a full scan of your project, you may see more findings for the project even if your code has not changed. -For rulesets in the Semgrep Registry, if you add a ruleset to one of your policies, the policy receives updates and additions to the ruleset on an ongoing basis. So if a rule is added to a ruleset, or changes make a rule more comprehensive (or more precise), your policy automatically picks up those changes, and the subsequent scan can show new findings for the new or updated rules. +For rulesets in the Semgrep Registry, if you add a ruleset to one of your policies, the policy receives updates and additions to the ruleset on an ongoing basis. So if a rule is added to a ruleset, or changes make a rule more comprehensive (or more precise), your policy automatically picks up those changes, and the next full scan for the project can show new findings for the new or updated rules. For Semgrep-curated rulesets, you can view each rule's history to see recent changes: From c8a1731e5b9d137561ceabf32fa34bdc885a1d33 Mon Sep 17 00:00:00 2001 From: Alexis Grant Date: Wed, 17 Dec 2025 14:20:29 -0800 Subject: [PATCH 2/2] TW rewording Co-authored-by: Abhijna Parigi --- docs/kb/semgrep-code/unexpected-new-findings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/kb/semgrep-code/unexpected-new-findings.md b/docs/kb/semgrep-code/unexpected-new-findings.md index b6b6af6d07..d6dbfce4b5 100644 --- a/docs/kb/semgrep-code/unexpected-new-findings.md +++ b/docs/kb/semgrep-code/unexpected-new-findings.md 
@@ -9,7 +9,7 @@ description: This may be occurring because rule coverage has increased. If the rules you're using in Semgrep have changed since you last performed a full scan of your project, you may see more findings for the project even if your code has not changed. -For rulesets in the Semgrep Registry, if you add a ruleset to one of your policies, the policy receives updates and additions to the ruleset on an ongoing basis. So if a rule is added to a ruleset, or changes make a rule more comprehensive (or more precise), your policy automatically picks up those changes, and the next full scan for the project can show new findings for the new or updated rules. +For rulesets in the Semgrep Registry, if you add a ruleset to one of your policies, the policy receives updates and additions to the ruleset on an ongoing basis. When a rule is added to a ruleset, or when changes make a rule more comprehensive or more precise, your policy automatically picks up those changes. As a result, the next full scan of the project may surface new findings from the new or updated rules. For Semgrep-curated rulesets, you can view each rule's history to see recent changes:
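Review bot: In PATCH 1/2, both added sentences say "full scan" but neither names diff scans, which is the confusion the commit message sets out to remove, so a reader who does not already know the distinction still has to infer it. Suggest adding one explicit sentence after the first paragraph that says how diff scans are treated. Also check whether the front-matter description ("This may be occurring because rule coverage has increased.") needs the same "full scan" qualifier. Minor style point: "full scan of your project, you may see more findings for the project" repeats "project", and the second mention can be dropped.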
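Review bot: In PATCH 2/2, the reworded sentence drops the parentheses from "(or more precise)", so "more comprehensive or more precise" now reads as two equal causes of new findings. A reader may expect a more precise rule to report fewer findings, so either keep the phrase parenthetical or say briefly how a precision change leads to new findings. The subject line "TW rewording" also gives no hint of which sentence changed. Naming the paragraph or the intent would make the history easier to scan.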