trailofbits · ahpaleus · Feb 11, 2025 · Feb 10, 2025 · Feb 11, 2025 · Feb 11, 2025
@@ -14,7 +14,7 @@ Note that libFuzzer has been in [maintenance-only](https://llvm.org/docs/LibFuzz
 The more performant AFL++ fuzzer is compatible with fuzzing harnesses written for libFuzzer, which means transitioning from libFuzzer to AFL++ is easy and requires only changing your compiler from `clang++` to `afl-clang-fast++`.
 
 {{< fuzzing/intro-os >}}
-If possible, we recommend fuzzing on a local x64_64 VM or renting one on DigitalOcean, AWS, Hetzner, etc.
+If possible, we recommend fuzzing on a local x86_64 VM or renting one on DigitalOcean, AWS, Hetzner, etc.
 
 
 ## Installation {#installation}

@@ -39,7 +39,7 @@ PRO TIP: You should not use the statistics returned by your specific fuzzer to t
 The most comparable data is generated by tools specifically made for measuring coverage.
 {{< /hint >}}
 
-The following section reviews two methods to generate coverage reports: the an LLVM-based instrumentation and a GCC-based one. LLVM offers a stable and very fast way to generate coverage reports. The LLVM toolkit supports the [SanitizerCoverage](https://clang.llvm.org/docs/SanitizerCoverage.html) instrumentation that is unique to Clang and the GCC-compatible [gcov](https://gcc.gnu.org/onlinedocs/gcc/Gcov.html) instrumentation. GCC only supports the gcov instrumentation.
+The following section reviews two methods to generate coverage reports: an LLVM-based instrumentation and a GCC-based one. LLVM offers a stable and very fast way to generate coverage reports. The LLVM toolkit supports the [SanitizerCoverage](https://clang.llvm.org/docs/SanitizerCoverage.html) instrumentation that is unique to Clang and the GCC-compatible [gcov](https://gcc.gnu.org/onlinedocs/gcc/Gcov.html) instrumentation. GCC only supports the gcov instrumentation.
 
 Both methods allow the generation of a clear representation of coverage, with the resulting HTML report consisting of multiple pages. However, the report generation with gcov output is more inefficient and requires more time compared to the LLVM one.
 
@@ -307,7 +307,7 @@ HTML coverage report generated by gcovr
 {{< /resourceFigure >}}
 
 
-**We already mentioned that gcov incrementally updates `.gcda` files over multiple runes of the coverage binaries. To start from scratch, you can manually delete all `.gcda` files after executing gcovr, or add the flag `--delete`.**
+**We already mentioned that gcov incrementally updates `.gcda` files over multiple runs of the coverage binaries. To start from scratch, you can manually delete all `.gcda` files after executing gcovr, or add the flag `--delete`.**
 
 
 ## Real-world examples {#real-world-examples}

@@ -56,7 +56,7 @@ A new version of Semgrep is available. See https://semgrep.dev/docs/upgrading
 ```
 
 You can also check for updates manually by visiting the
-[Semgrep Releases](https://github.com/returntocorp/semgrep/releases) page.
+[Semgrep Releases](https://github.com/semgrep/semgrep/releases) page.
 
 #### Updating Semgrep
 
@@ -228,7 +228,7 @@ according to your preferences and tooling.
      - Use the `--severity [INFO|WARNING|ERROR]` flag to report findings only from rules that match
        the specified severity (`INFO`/`WARNING`/`ERROR`).
      - There is currently no obvious flag to limit results based on specific rule metadata (e.g., impact).
-       See the [Feature request: CLI support for filtering by rule metadata](https://github.com/returntocorp/semgrep/issues/6752)
+       See the [Feature request: CLI support for filtering by rule metadata](https://github.com/semgrep/semgrep/issues/6752)
        GitHub issue for a possible workaround.
 
    d. Data flow tracing:

@@ -20,14 +20,14 @@ semgrep --config /path/to/your/config --lang python --scan-unknown-extensions /p
 In this example, Semgrep will scan the `/path/to/your/file.xyz` file as a Python file,
 even though the `.xyz` extension is not a standard Python file extension.
 
-See also the [Allow user to specify file extensions for languages #3090](https://github.com/returntocorp/semgrep/issues/3090)
+See also the [Allow user to specify file extensions for languages #3090](https://github.com/semgrep/semgrep/issues/3090)
 GitHub issue to work around restrictions if you want to use Semgrep against your specific language, even if the file
 extension is not standard.
 
 ### Files/directories
 
 - By default, Semgrep follows the default
-[.semgrepignore](https://github.com/returntocorp/semgrep/blob/develop/cli/src/semgrep/templates/.semgrepignore) file.
+[.semgrepignore](https://github.com/semgrep/semgrep/blob/develop/cli/src/semgrep/templates/.semgrepignore) file.
 - If present, Semgrep will look at the repository's `.gitignore` file.
 - In case of a conflict between the two files, the `.semgrepignore` file takes precedence. This means that if the
   `.gitignore` file includes a file and the `.semgrepignore` file excludes it, Semgrep will not analyze the file.
@@ -109,7 +109,7 @@ for writing and testing rules. However, it is essential to consider the followin
       (e.g., `# ruleid: <id>`) into your test code to evaluate your rule's effectiveness while working in the Semgrep
       Playground (see [example](https://semgrep.dev/s/ezxE)).
     - **Note the limitations with comments**: Be aware that the Semgrep Playground does not retain comments when sharing
-      a link or "forking" a rule (Ctrl+S). Refer to this [GitHub issue](https://github.com/returntocorp/semgrep/issues/7120)
+      a link or "forking" a rule (Ctrl+S). Refer to this [GitHub issue](https://github.com/semgrep/semgrep/issues/7120)
        for more information.
 
 ### Building blocks
@@ -1019,7 +1019,7 @@ development. The channel is staffed by knowledgeable developers familiar with Se
 They are usually quick to respond to questions. They can guide you in structuring your rules and in debugging any issues
 that arise. Additionally, the Slack channel is a great place to connect with other developers working on similar
 projects, allowing you to learn from others' experiences and share your insights.
-- Use [Semgrep GitHub issues](https://github.com/returntocorp/semgrep/issues) to report bugs, suggest new features, and
+- Use [Semgrep GitHub issues](https://github.com/semgrep/semgrep/issues) to report bugs, suggest new features, and
 ask for help with specific issues.
 
 ## Thoroughly testing Semgrep rules for optimal performance

@@ -98,7 +98,7 @@ to reduce false positives/negatives.
     - Pay attention to the Semgrep Community Slack, where the Semgrep community helps with problems or writing custom
     rules.
     - Encourage the team to report existing limitations/bugs while using Semgrep to the Semgrep team by filling out
-    GitHub issues (see this [example issue](https://github.com/returntocorp/semgrep/issues/4587) submitted by
+    GitHub issues (see this [example issue](https://github.com/semgrep/semgrep/issues/4587) submitted by
     Trail of Bits).
 
 7. Implement Semgrep in the CI/CD pipeline by getting acquainted with the Semgrep documentation related to your CI