What is Semgrep?
Semgrep (Semantic Grep) is an open-source, lightweight static analysis tool that scans source code to identify specific patterns. It helps instructors and developers check for certain structures in code, such as:
- Statements
- Loops
- Declarations
- Function definitions
Semgrep works similarly to grep, but instead of searching for plain text, it scans for structured code patterns in a variety of programming languages like Python, JavaScript, Go, Java, C, and more.
How Can You Use Semgrep in CodeGrade?
In CodeGrade, Semgrep is integrated as a parent block called Code Structure, with two child blocks for pattern matching:
- Positive Match: Passes if the pattern is found.
- Negative Match: Fails if the pattern is found (useful for ensuring students don't use overly advanced or AI-generated code).
These blocks can be added to your setup with just a few simple steps. Here’s how:
Step 1: Set Up the Code Structure Block
- Drag the Code Structure block into your setup in CodeGrade.
- Inside the Code Structure block, nest a Match block.
There are two types of Match blocks:- Positive Match: This will pass if the pattern is detected in the student’s code.
- Negative Match: This will fail if the pattern is detected. This can be helpful to ensure students aren't using inappropriate code structures, such as overly advanced techniques or AI-generated code.
%20(800%20x%20525%20px)%20(9).png)
%20(800%20x%20525%20px)%20(800%20x%20525%20px)%20(11).png)
%20(800%20x%20525%20px)%20(800%20x%20525%20px)%20(10).png)