Skip to content

feat: Add opengrep migration docs CF-2184#2586

Merged
lventura-codacy merged 2 commits intomasterfrom
semgrep-to-opengrep-migration
Feb 19, 2026
Merged

feat: Add opengrep migration docs CF-2184#2586
lventura-codacy merged 2 commits intomasterfrom
semgrep-to-opengrep-migration

Conversation

@lventura-codacy
Copy link
Contributor

@lventura-codacy lventura-codacy commented Feb 19, 2026

👀 Live preview

🚧 To do

  • If relevant, include the Jira issue key at the end of the pull request title
  • Perform a self-review of the changes
  • Fix any issues reported by the CI/CD

@lventura-codacy lventura-codacy requested a review from a team as a code owner February 19, 2026 13:57
Copilot AI review requested due to automatic review settings February 19, 2026 13:57
@github-actions
Copy link
Contributor

github-actions bot commented Feb 19, 2026
edited
Loading

Overall readability score: 54.12 (🔴 -0.08)

File Readability
languages.md 56.3 (🔴 -0.33)
configuring-code-patterns.md 61.26 (🟢 +0)
codacy-configuration-file.md 57 (🔴 -0.21)
index.md 75.56 (🟢 +0.36)
cloud-2026-02-migrating-semgrep.md 35.9 (-)
managing-security-and-risk.md 52.82 (🔴 -0.02)
supported-languages-and-tools.md 49.15 (🔴 -0.54)
View detailed metrics

🟢 - Shows an increase in readability
🔴 - Shows a decrease in readability

File Readability FRE GF ARI CLI DCRS
languages.md 56.3 31.89 9.6 11.9 13.51 7.11
  🔴 -0.33 🟢 +0 🔴 -0.19 🟢 +0 🟢 +0 🟢 +0
configuring-code-patterns.md 61.26 38.82 9.49 11 11.89 7.1
  🟢 +0 🟢 +0 🟢 +0 🟢 +0 🟢 +0 🟢 +0
codacy-configuration-file.md 57 36.28 10.36 12.9 12.58 6.67
  🔴 -0.21 🟢 +0 🔴 -0.08 🟢 +0 🔴 -0.05 🟢 +0
index.md 75.56 87.35 9.25 12.1 8.58 6.23
  🟢 +0.36 🟢 +0.51 🟢 +0.04 🟢 +0.1 🟢 +0.18 🔴 -0.06
cloud-2026-02-migrating-semgrep.md 35.9 33.24 15.54 14.9 13.52 9
  - - - - - -
managing-security-and-risk.md 52.82 27.32 10.39 13.7 13.63 6.67
  🔴 -0.02 🟢 +0 🔴 -0.01 🟢 +0 🟢 +0 🟢 +0
supported-languages-and-tools.md 49.15 31.17 10.81 13.1 14.2 7.81
  🔴 -0.54 🔴 -0.21 🔴 -0.21 🟢 +0 🟢 +0.06 🔴 -0.07

Averages:

  Readability FRE GF ARI CLI DCRS
Average 54.12 43.02 10.95 12.33 12.22 8.01
  🔴 -0.08 🔴 -0.04 🔴 -0.02 🔴 -0.01 🟢 +0 🟢 +0
View metric targets
Metric Range Ideal score
Flesch Reading Ease 100 (very easy read) to 0 (extremely difficult read) 60
Gunning Fog 6 (very easy read) to 17 (extremely difficult read) 8 or less
Auto. Read. Index 6 (very easy read) to 14 (extremely difficult read) 8 or less
Coleman Liau Index 6 (very easy read) to 17 (extremely difficult read) 8 or less
Dale-Chall Readability 4.9 (very easy read) to 9.9 (extremely difficult read) 6.9 or less

@github-actions github-actions bot temporarily deployed to Netlify February 19, 2026 13:58 Inactive
claudiacodacy
claudiacodacy reviewed Feb 19, 2026
View reviewed changes
@codacy-production
Copy link
Contributor

codacy-production bot commented Feb 19, 2026
edited
Loading

Codacy's Analysis Summary

0 new issue (≤ 0 minor issue)
0 new security issue

Review Pull Request in Codacy →

AI Reviewer available: add the codacy-review label to get contextual insights without leaving GitHub.

Copilot AI reviewed Feb 19, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request migrates the documentation from Semgrep to Opengrep following licensing changes to Semgrep. Opengrep is an open-source fork of the Semgrep engine that Codacy is adopting as a 1:1 replacement. The PR updates tool references, URLs, and adds release notes explaining the migration while preserving backward compatibility through unchanged configuration file names.

Changes:

  • Added release notes documenting the Semgrep to Opengrep migration
  • Updated all tool name references from "Semgrep" to "Opengrep" across documentation files
  • Updated repository URLs from codacy/codacy-semgrep to codacy/codacy-opengrep and external links from semgrep.dev to github.com/opengrep/opengrep
  • Removed Semgrep Pro references from footnotes and updated anchor references from #semgrep to #opengrep
  • Updated vocabulary file to include Opengrep and remove Semgrep

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
docs/release-notes/cloud/cloud-2026-02-migrating-semgrep.md New release notes file explaining the migration from Semgrep to Opengrep
docs/release-notes/index.md Added link to the new migration release notes
docs/repositories-configure/languages.md Updated reference to Opengrep for custom file extensions note
docs/repositories-configure/configuring-code-patterns.md Updated tool name in configuration files table
docs/repositories-configure/codacy-configuration-file.md Updated tool name in configuration list and deprecation references
docs/organizations/managing-security-and-risk.md Updated tool name and URLs in security tools table, removed Semgrep Pro footnote
docs/getting-started/supported-languages-and-tools.md Comprehensive updates to tool names, URLs, anchor references, and footnotes across the languages table
.github/styles/config/vocabularies/Codacy/accept.txt Added Opengrep and removed Semgrep from accepted vocabulary
Comments suppressed due to low confidence (1)

docs/repositories-configure/codacy-configuration-file.md:225

  • Consider adding a deprecation notice for 'semgrep' in the deprecated tools list, similar to other replaced tools like 'bundleraudit'. This would help users who have 'semgrep' in their Codacy configuration files understand that they should migrate to using 'opengrep' instead. For example: - semgrep - Use the name opengrep for Opengrep.
The following names are **deprecated** and shouldn't be used, although they're still accepted in the Codacy configuration file:

-   `bundleraudit` - The tool **bundler-audit** [is deprecated](../release-notes/cloud/cloud-2023-10-13-bundler-audit-deprecation.md). If you are using **Opengrep** or **Trivy** instead, use the names `trivy` or `opengrep`.
-   `csslint` - The tool **CSSLint** [is deprecated](../release-notes/cloud/cloud-2023-10-25-csslint-jshint-fauxpas-tailor-tslint-deprecation.md). If you are using **Stylelint** instead, use the name `stylelint`.
-   `eslint` - Use the name `eslint-8` for **ESLint**.
-   `jshint`, `tslint` - The tools **JSHint** and **TSLint** [are deprecated](../release-notes/cloud/cloud-2023-10-25-csslint-jshint-fauxpas-tailor-tslint-deprecation.md). If you are using **ESLint** instead, use the name `eslint-8`.
-   `pylint` - Use the name `pylintpython3` for **Pylint**.
-   `tailor` - The tool **Tailor** [is deprecated](../release-notes/cloud/cloud-2023-10-25-csslint-jshint-fauxpas-tailor-tslint-deprecation.md). If you are using **SwiftLint** instead, use the name `swiftlint`.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

codacy-production[bot]

This comment was marked as outdated.

Sign in to view

@github-actions github-actions bot temporarily deployed to Netlify February 19, 2026 14:21 Inactive
codacy-production[bot]
codacy-production bot reviewed Feb 19, 2026
View reviewed changes
Copy link
Contributor

@codacy-production codacy-production bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

The PR successfully updates the documentation for the Semgrep to Opengrep migration. It is generally up to standards. I have identified some inconsistencies where Opengrep was added to the main supported tools table but missed in the 'Languages checked for security issues' table for specific languages (AWS CloudFormation, Helm, Kubernetes). There are also minor grammatical and formatting nitpicks in the new release notes and footnote spacing.

Test plan proposal

  • Verify that the Opengrep GitHub links (https://github.com/opengrep/opengrep/) are valid and resolve correctly.
  • Confirm that footnote references (e.g., <sup>1</sup>) correctly navigate to the intended span IDs on each page where they were updated.
  • Ensure that the new release note file is correctly indexed and accessible from the main release notes index page.
  • Audit the 'Security and risk management' table to ensure Opengrep is present for all languages listed in the 'Supported tools' main table.

About this PR

  • The description is sufficient for context given the Jira key, but consider adding a brief summary of the migration (forking of Semgrep) to the description for clarity in the git history.

💡 Codacy uses AI. Check for mistakes.

@lventura-codacy lventura-codacy removed the request for review from a team February 19, 2026 14:56
@lventura-codacy lventura-codacy merged commit ef4a108 into master Feb 19, 2026
5 checks passed
@lventura-codacy lventura-codacy deleted the semgrep-to-opengrep-migration branch February 19, 2026 15:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claudiacodacy claudiacodacy claudiacodacy left review comments

Copilot code review Copilot Copilot left review comments

@machadoit machadoit machadoit approved these changes

+1 more reviewer

@codacy-production codacy-production[bot] codacy-production[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lventura-codacy @machadoit @claudiacodacy

Comments