Semgrep rules specific to Frappe Framework
These rules guard against typical mistakes and bad practices in Frappe Framework apps. Frappe's own apps also use them to simplify repetitive checks during code review.
- You can reuse the GitHub Action that Frappe Framework itself uses for running Semgrep: Workflow file
- Read how Semgrep works: Getting started with semgrep rules
- Write a rule. Make sure it doesn't have too many false positives.
- Write positive and negative test cases for the rule you are adding: Testing rules
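As an added illustration of the last two steps (not code from this repository), the block below pairs a constructed rule with a constructed test file that uses Semgrep's `# ruleid:` and `# ok:` annotations, then checks that every rule has both a positive and a negative case. The rule id `example-frappe-sql-string-format` and the helper names are hypothetical.

```python
import re

# Constructed rule for illustration; it is not one of the repository's rules.
RULE_YAML = '''
rules:
- id: example-frappe-sql-string-format
  languages: [python]
  severity: WARNING
  message: Pass values to frappe.db.sql() as parameters instead of formatting them into the query.
  pattern-either:
  - pattern: frappe.db.sql("..." % $ARGS, ...)
  - pattern: frappe.db.sql("...".format(...), ...)
  - pattern: frappe.db.sql(f"...", ...)
'''

# Constructed test file: "ruleid" marks a line the rule must flag, "ok" a line it must not.
TEST_SOURCE = '''
import frappe

def by_email(email):
    # ruleid: example-frappe-sql-string-format
    return frappe.db.sql("select name from tabUser where email='%s'" % email)

def by_email_safe(email):
    # ok: example-frappe-sql-string-format
    return frappe.db.sql("select name from tabUser where email=%s", (email,))
'''

def rule_ids(rule_yaml):
    """Return the rule ids declared in a rule file (regex scan, no YAML dependency)."""
    return re.findall(r"^\s*-?\s*id:\s*([\w.-]+)\s*$", rule_yaml, flags=re.M)

def annotation_counts(test_source):
    """Count 'ruleid' (positive) and 'ok' (negative) annotations per rule id."""
    counts = {}
    for kind, ids in re.findall(r"#\s*(ruleid|ok):\s*(.+)$", test_source, flags=re.M):
        for rid in (i.strip() for i in ids.split(",")):
            counts.setdefault(rid, {"ruleid": 0, "ok": 0})[kind] += 1
    return counts

def missing_cases(rule_yaml, test_source):
    """Return {rule_id: [missing kinds]} for rules lacking a positive or negative case."""
    counts = annotation_counts(test_source)
    gaps = {}
    for rid in rule_ids(rule_yaml):
        lacking = [k for k in ("ruleid", "ok") if not counts.get(rid, {}).get(k)]
        if lacking:
            gaps[rid] = lacking
    return gaps
```

`missing_cases(RULE_YAML, TEST_SOURCE)` returns an empty dict when coverage is complete. It only checks that the annotations exist; whether the rule actually matches those lines is still decided by running Semgrep's own rule tests.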