diff --git a/docs/index.md b/docs/index.md index 3f76e8588..97c9fd5ef 100644 --- a/docs/index.md +++ b/docs/index.md @@ -119,17 +119,18 @@ See the [Supported languages](/supported-languages#semgrep-code-and-oss) documen --> -

December 2024 release notes summary

+

January 2025 release notes summary

-- The Semgrep CLI tool requires a minimum version of **Python 3.9** as of Semgrep 1.100.0. -- Semgrep OSS is now **Semgrep Community Edition (CE)**. Read the [Semgrep CE section](/release-notes/december-2024#-semgrep-community-edition-ce) for more details. -- You can now export your findings in CSV format. Semgrep can export up to 10,000 most recent findings. For findings greater than 10,000, use the [ API](https://semgrep.dev/api/v1/docs/). See [Export findings](/semgrep-code/findings#export-findings) for more information. -- Added new **Pro rules**: - - 4 new rules for **Express.js** that cover SQL injection, object injection, and misconfiguration vulnerabilities. - - 13 new rules for **NestJS** framework vulnerabilities that cover code injection, SQL injection, path traversal, log injection, XML external entity, and cross site scripting. -- **Dependency Path**, which displays how transitive dependencies are imported into your code, is now in public beta for Java Gradle and Maven package managers. - - Dependency Path for Kotlin is in private beta. - - To join this beta, contact [ support@semgrep.com](mailto:support@semgrep.com). -- Semgrep can now scan your Java Gradle and Maven codebases without the need for a lockfile. This feature is in public beta for Java and private beta for Kotlin Gradle and Maven. See also [Scan a project without lockfiles](/semgrep-supply-chain/getting-started#scan-a-project-without-lockfiles-beta). +- The [Policy Management API](https://semgrep.dev/api/v1/docs/#tag/PoliciesService) is now generally available. The Policy Management API allows you to automate tasks such as: + - Add, update, and disable rules across multiple policies. + - Apply rules in different modes, such as monitor, comment, block, or disable, to align with security workflows. + - Integrate policy management into CI/CD pipelines to ensure consistent enforcement during software development. 
+- [Semgrep Managed Scans](/deployment/managed-scanning/azure) for repositories hosted by **Azure DevOps** is now in public beta. +- [Dependency Paths](/semgrep-supply-chain/dependency-search#view-the-dependency-path) are now available for the following languages and package managers: + - **JavaScript**: all package managers are supported by Semgrep. + - **Python**: Only Poetry is supported. +- Semgrep now ingests CVE information from [ Electron release notes](https://releases.electronjs.org/releases/stable). This information is used to generate rules that can detect if you're affected by CVEs from this source. +- [Noise filtering](/semgrep-assistant/overview#noise-filtering-beta) is now in public beta. With Noise Filtering, Assistant evaluates each Semgrep Code finding to determine if it's a true positive using additional context and prevents a PR comment from being posted in the developer workflow if it's not. +- [Auto-triage Memories](/semgrep-assistant/getting-started#add-memory-during-triage) is now in public beta. With this feature, you can identify findings that are safe to ignore and write triage notes indicating why this is so. Assistant then stores this information as a memory and uses it to assess whether similar findings are shown to developers in the future. Assistant also takes that memory, reanalyzes similar findings in your backlog, and suggests issues that may be safe to close. [See the latest release notes ](/release-notes/latest) diff --git a/docs/release-notes/january-2025.md b/docs/release-notes/january-2025.md new file mode 100644 index 000000000..6b6e7bcf8 --- /dev/null +++ b/docs/release-notes/january-2025.md 
@@ -0,0 +1,130 @@ +--- +slug: january-2025 +title: January 2025 +hide_title: true +description: >- + Release notes include the changes, fixes, and additions in specific versions of Semgrep. +tags: + - Release notes +--- + +# Semgrep release notes for January 2025 + +## 🌐 Semgrep AppSec Platform + +- The **Policy Management API** is now generally available. The Policy Management API allows you to automate tasks such as: + - Add, update, and disable rules across multiple policies. + - Apply rules in different modes, such as monitor, comment, block, or disable, to align with security workflows. + - Integrate policy management into CI/CD pipelines to ensure consistent enforcement during software development. +- **Semgrep Managed Scans:** + - Managed scans for repositories hosted by **Azure DevOps** is now in public beta. + - GitHub users can turn on or off full scans and diff-aware scans for individual projects scanned by Semgrep Managed Scans. +- **Jira:** added the ability to map the **Team** information back to Semgrep. +- Org admins can now invite new users to Semgrep by email. Invited users receive an email with instructions on how to join the organization's Semgrep account. +- Added pagination to the **Settings > Access > Members** page, as well as the ability to search for members. + +## Changed + +- The **search bar** in the **Projects** page now loads faster. +- Links to the **Project Settings** and **Scans** pages now use project IDs instead of project names. Existing links using project names continue to function normally. + +## Fixed + +- Fixed an issue where commands not prefixed with `/semgrep` or `/` weren't correctly handled. +- Fixed an issue where reports generated by Semgrep AppSec Platform weren't correctly displaying the age of findings. +- Fixed an issue where the first page of Bitbucket Data Center repositories wasn't displayed. +- Fixed the formatting of Bitbucket Cloud PR comments. 
+ +## 💻 Semgrep Code + +### Added + +- Added support for lambdas (anonymous functions) as callbacks. This is supported for all languages that have lambdas. + ```javascript + var tainted = source(); + + function withCallback1(val, callback) { + if (val) { + callback(val); + } + } + + withCallback1(tainted, function (val) { + sink(val); // finding ! + }); + ``` + +### Changed + +- Removed **pip** from the Semgrep Docker image. If necessary, you can install it by running `apk add py3-pip`. + +### Fixed + +- The `semgrep test` and `semgrep validate` commands have been correctly documented as **EXPERIMENTAL** in `semgrep --help`. + - Those commands are not GA. It is recommended to use the `semgrep scan --test` and `semgrep scan --validate`. +- Improve error handling for capabilities ancillary to a scan, such as looking for `nosemgrep` comments and rendering autofixes, to reduce the likelihood of an unexpected error in such a component causing the scan to error. +- Fix the behavior of Semgrep when running into broken symlinks. If such a path is passed explicitly as a scanning root on the command line, it results in an error. Otherwise, if it's a file discovered while scanning the file system, it's a warning. +- Fixed an issue with crashes due to an exception in `lines_of_file`. The code should now be more robust and not stop the whole scan when an out-of-bound line access happens during `nosemgrep` analysis or when displaying the lines of a match. + +## ⛓️ Semgrep Supply Chain + +### Added + + +- [Dependency Paths](/semgrep-supply-chain/dependency-search#view-the-dependency-path) are now available for the following languages and package managers: + - **JavaScript**: all package managers are supported by Semgrep. + - **Python**: Only Poetry is supported. +- **C#**: Semgrep can now scan NuGet codebases without the need for a lockfile. This feature is in **private beta**. 
See also [Scan a project without lockfiles](/semgrep-supply-chain/getting-started#scan-a-project-without-lockfiles-beta). Reach out to [ support@semgrep.com](mailto:support@semgrep.com) to join the beta program. +- Semgrep now ingests CVE information from [ Electron release notes](https://releases.electronjs.org/releases/stable). This information is used to generate rules that can detect if you're affected by CVEs from this source. + +### Changed + +- Semgrep Supply Chain [Policies](/semgrep-supply-chain/policies) are now in public beta. Creating a policy enables you to: + - Customize when Semgrep sends a finding as a PR or MR comment or fails the CI job. + - Customize the projects and conditions that send a comment or fail a CI job. + +### Fixed + +- Fixed bug where Supply Chain diff-aware scans of `package-lock.json` v2 projects incorrectly produced non-new findings. + +## 🤖 Semgrep Assistant + +### Added + +- **Noise filtering** is now in public beta. With Noise Filtering, Assistant evaluates each Semgrep Code finding to determine if it's a true positive using additional context and prevents a PR comment from being posted in the developer workflow if it's not. +- **Auto-triage Memories** is now in public beta. With this feature, you can identify findings that are safe to ignore and write triage notes indicating why this is so. Assistant then stores this information as a memory and uses it to assess whether similar findings are shown to developers in the future. Assistant also takes that memory, reanalyzes similar findings in your backlog, and suggests issues that may be safe to close. + +## 📝 Documentation and knowledge base + +### Added +- Added the following new documents, articles, and sections: + - Set up [Semgrep Managed Scans with Azure DevOps](/deployment/managed-scanning/azure). + - [Semgrep for developers](/for-developers/overview), a new series of documents that aims to: + - Help AppSec engineers educate developers about Semgrep and secure coding. 
+ - Inform developers of how to resolve Semgrep findings in various environments, such as their pull requests or merge requests. + - [Semgrep Assistant metrics](/semgrep-assistant/metrics), which explains how Assistant's metrics and benchmarks are analyzed. + - [SAML single-sign on with Google Workspace](/kb/semgrep-appsec-platform/saml-google-workspace). + - [Reference for Semgrepignore v2](/semgrepignore-v2-reference). + - [Customize semgrep in `pre-commit`](/kb/integrations/customize-semgrep-precommit). +- Minor additions and updates: + - Added instructions to remove projects scanned with Semgrep Managed Scans. +- Major updates have been made to the following documentation: + - [Supported languages](/supported-languages) now provides a summary table for both Code and Supply Chain features for each language. +- Thanks to [savq](https://github.com/savq) for their improvements to Semgrep's contributing documentation. + +### Changed + +- Clarified language around manifest files and lockfiles. +- Updated Semgrep rules licensing documentation. + +### Removed + +- Removed references to the asdf-semgrep plugin. + +## 🔧 Semgrep Community Edition (CE) + +* The following versions of Semgrep CE were released in January 2025: + + - [ 1.102.0](https://github.com/semgrep/semgrep/releases/tag/v1.102.0) + - [ 1.103.0](https://github.com/semgrep/semgrep/releases/tag/v1.103.0) + - [ 1.104.0](https://github.com/semgrep/semgrep/releases/tag/v1.104.0) diff --git a/docs/release-notes/latest.md b/docs/release-notes/latest.md index f418a2386..9d35d0ae0 100644 --- a/docs/release-notes/latest.md +++ b/docs/release-notes/latest.md 
@@ -9,116 +9,123 @@ tags: - Release notes --- -# Semgrep release notes for December 2024 - -:::info Important changes -- The Semgrep CLI tool requires a minimum version of **Python 3.9** as of Semgrep 1.100.0. -- Semgrep OSS is now **Semgrep Community Edition (CE)**. Read the [Semgrep CE section](#-semgrep-community-edition-ce) for more details. -::: +# Semgrep release notes for January 2025 ## 🌐 Semgrep AppSec Platform -### Added +- The **Policy Management API** is now generally available. The Policy Management API allows you to automate tasks such as: + - Add, update, and disable rules across multiple policies. + - Apply rules in different modes, such as monitor, comment, block, or disable, to align with security workflows. + - Integrate policy management into CI/CD pipelines to ensure consistent enforcement during software development. +- **Semgrep Managed Scans:** + - Managed scans for repositories hosted by **Azure DevOps** is now in public beta. + - GitHub users can turn on or off full scans and diff-aware scans for individual projects scanned by Semgrep Managed Scans. +- **Jira:** added the ability to map the **Team** information back to Semgrep. +- Org admins can now invite new users to Semgrep by email. Invited users receive an email with instructions on how to join the organization's Semgrep account. +- Added pagination to the **Settings > Access > Members** page, as well as the ability to search for members. -- **Policy management API** is now in private beta. This API enables you to add, update, and turn off rules for selected policies in your chosen mode. -- You can now export your findings in CSV format. Semgrep can export up to 10,000 most recent findings. For findings greater than 10,000, use the [ API](https://semgrep.dev/api/v1/docs/). See [Export findings](/semgrep-code/findings#export-findings) for more information. - ![The download findings CSV button](/img/download-csv.png#md-width) - _**Figure**. 
The download findings CSV button._ -- Semgrep now tracks individual fields or keys in record or dict expressions. For example: - ```python - def foo(): - return { 0: "safe", 1: taint } - - def test(): - t = foo() - sink(t[0]) # safe; this is not a finding - sink(t[1]) # this produces a finding - ``` -- **TypeScript**: Semgrep now supports ellipses in function parameters. For -example, the following code is TypeScript, as opposed to pure JavaScript, because it uses decorators on function parameters: - ```typescript - foo(x, @Bar() y, z): string { return ''; } - ``` - - You can match this method using the following pattern: - ```typescript - function $FN(..., @Bar(...) $X, ...) { ... } - ``` -- C#: Patterns such as new `$T(...)` now matches C# target-typed new expressions such as `new ()`. +## Changed -### Changed +- The **search bar** in the **Projects** page now loads faster. +- Links to the **Project Settings** and **Scans** pages now use project IDs instead of project names. Existing links using project names continue to function normally. -- **Semgrep Managed Scans**: Cloning repositories is now faster. This improves the speed of the overall scan. -- **Reporting**: In cases where there were **no new findings** for the selected time period, the **Guardrails adoption** chart displayed 0% adoption, which was incorrect because there was nothing to adopt as there were no new findings. To better display that there is no data on adoption, the reporting page now displays blocks of grey for periods where there are no findings. +## Fixed -### Removed - -- Removed the `use-osemgrep-sarif` flag. +- Fixed an issue where commands not prefixed with `/semgrep` or `/` weren't correctly handled. +- Fixed an issue where reports generated by Semgrep AppSec Platform weren't correctly displaying the age of findings. +- Fixed an issue where the first page of Bitbucket Data Center repositories wasn't displayed. +- Fixed the formatting of Bitbucket Cloud PR comments. 
## 💻 Semgrep Code ### Added -- Added new **Pro rules**: - - 4 new rules for **Express.js** that cover SQL injection, object injection, and misconfiguration vulnerabilities. - - 13 new rules for **NestJS** framework vulnerabilities that cover code injection, SQL injection, path traversal, log injection, XML external entity, and cross site scripting. +- Added support for lambdas (anonymous functions) as callbacks. This is supported for all languages that have lambdas. + ```javascript + var tainted = source(); + + function withCallback1(val, callback) { + if (val) { + callback(val); + } + } + + withCallback1(tainted, function (val) { + sink(val); // finding ! + }); + ``` + +### Changed + +- Removed **pip** from the Semgrep Docker image. If necessary, you can install it by running `apk add py3-pip`. ### Fixed - -- Fixed the date format used in `--gitlab-sast` option to match the specification and not use RFC 3339. Thanks to Elias Haeussler for the fix. -- Fixed what is considered a sink when a sink formula matches a lambda expression: it is the lambda itself that is the sink, not the individual statements in the lambda. - +- The `semgrep test` and `semgrep validate` commands have been correctly documented as **EXPERIMENTAL** in `semgrep --help`. + - Those commands are not GA. It is recommended to use the `semgrep scan --test` and `semgrep scan --validate`. +- Improve error handling for capabilities ancillary to a scan, such as looking for `nosemgrep` comments and rendering autofixes, to reduce the likelihood of an unexpected error in such a component causing the scan to error. +- Fix the behavior of Semgrep when running into broken symlinks. If such a path is passed explicitly as a scanning root on the command line, it results in an error. Otherwise, if it's a file discovered while scanning the file system, it's a warning. +- Fixed an issue with crashes due to an exception in `lines_of_file`. 
The code should now be more robust and not stop the whole scan when an out-of-bound line access happens during `nosemgrep` analysis or when displaying the lines of a match. ## ⛓️ Semgrep Supply Chain ### Added -- Semgrep now supports reachability for **Swift**. For CLI users, ensure that you are using Semgrep **1.98.0 or higher**. Swift is the tenth language Semgrep supports with reachability analysis. - - Added support for SwiftPM `Package.resolved` version 3. -- **Dependency Path**, which displays how transitive dependencies are imported into your code, is now in public beta for Java Gradle and Maven package managers. - - Dependency Path for Kotlin is in private beta. - - To join this beta, contact [ support@semgrep.com](mailto:support@semgrep.com). -- Semgrep can now scan your Java Gradle and Maven codebases without the need for a lockfile. This feature is in public beta for Java and private beta for Kotlin Gradle and Maven. See also [Scan a project without lockfiles](/semgrep-supply-chain/getting-started#scan-a-project-without-lockfiles-beta). - - To participate in this beta, contact [ support@semgrep.com](mailto:support@semgrep.com). - - Semgrep now provides the flag `--allow-local-builds`, which is used to enable this feature. + +- [Dependency Paths](/semgrep-supply-chain/dependency-search#view-the-dependency-path) are now available for the following languages and package managers: + - **JavaScript**: all package managers are supported by Semgrep. + - **Python**: Only Poetry is supported. +- **C#**: Semgrep can now scan NuGet codebases without the need for a lockfile. This feature is in **private beta**. See also [Scan a project without lockfiles](/semgrep-supply-chain/getting-started#scan-a-project-without-lockfiles-beta). Reach out to [ support@semgrep.com](mailto:support@semgrep.com) to join the beta program. +- Semgrep now ingests CVE information from [ Electron release notes](https://releases.electronjs.org/releases/stable). 
This information is used to generate rules that can detect if you're affected by CVEs from this source. ### Changed -- Improved `pnpm-lock.yaml` parsing. +- Semgrep Supply Chain [Policies](/semgrep-supply-chain/policies) are now in public beta. Creating a policy enables you to: + - Customize when Semgrep sends a finding as a PR or MR comment or fails the CI job. + - Customize the projects and conditions that send a comment or fail a CI job. + +### Fixed + +- Fixed bug where Supply Chain diff-aware scans of `package-lock.json` v2 projects incorrectly produced non-new findings. ## 🤖 Semgrep Assistant -### Changed +### Added -- Semgrep Assistant is in the process of integrating its remediation guidelines into a single PR or MR comment. This means that you receive only one comment per finding, not including summary comments. - - Previously, Semgrep Assistant would add an additional, separate comment on the thread after the first comment from Semgrep. With this change, **all Semgrep guidance** is in one comment for clarity. - - This change is rolling out over the course of several weeks. +- **Noise filtering** is now in public beta. With Noise Filtering, Assistant evaluates each Semgrep Code finding to determine if it's a true positive using additional context and prevents a PR comment from being posted in the developer workflow if it's not. +- **Auto-triage Memories** is now in public beta. With this feature, you can identify findings that are safe to ignore and write triage notes indicating why this is so. Assistant then stores this information as a memory and uses it to assess whether similar findings are shown to developers in the future. Assistant also takes that memory, reanalyzes similar findings in your backlog, and suggests issues that may be safe to close. 
## 📝 Documentation and knowledge base -### Added - -- Added the following new documents, articles and sections: - - [JSON and SARIF reference](/semgrep-appsec-platform/json-and-sarif) provides you with a list of fields supported by Semgrep CE and Semgrep AppSec Platform. - - [Full and diff-aware scans with GitHub and Jenkins](/kb/semgrep-ci/jenkins-diff-scans) helps you set up and troubleshoot Semgrep. - - The [Semgrep Supply Chain > Dependency graphs](/semgrep-supply-chain/dependency-search#dependency-paths-beta) section provides instructions on how to enable the feature. - - Instructions on [scanning a project without lockfiles](/semgrep-supply-chain/getting-started#scan-a-project-without-lockfiles-beta) in Semgrep Supply Chain. +### Added +- Added the following new documents, articles, and sections: + - Set up [Semgrep Managed Scans with Azure DevOps](/deployment/managed-scanning/azure). + - [Semgrep for developers](/for-developers/overview), a new series of documents that aims to: + - Help AppSec engineers educate developers about Semgrep and secure coding. + - Inform developers of how to resolve Semgrep findings in various environments, such as their pull requests or merge requests. + - [Semgrep Assistant metrics](/semgrep-assistant/metrics), which explains how Assistant's metrics and benchmarks are analyzed. + - [SAML single-sign on with Google Workspace](/kb/semgrep-appsec-platform/saml-google-workspace). + - [Reference for Semgrepignore v2](/semgrepignore-v2-reference). + - [Customize semgrep in `pre-commit`](/kb/integrations/customize-semgrep-precommit). +- Minor additions and updates: + - Added instructions to remove projects scanned with Semgrep Managed Scans. +- Major updates have been made to the following documentation: + - [Supported languages](/supported-languages) now provides a summary table for both Code and Supply Chain features for each language. 
+- Thanks to [savq](https://github.com/savq) for their improvements to Semgrep's contributing documentation. ### Changed -- Updated Quickstart links to point users to the most common methods of setting up Semgrep. -- Updated language support details in [Supported languages > Semgrep Supply Chain](/supported-languages#semgrep-supply-chain). -- **Extract mode** has been moved to the [Deprecated experiments](/writing-rules/experiments/deprecated-experiments) page. -- Updated Semgrep Secrets triage documentation to include new ticketing integrations and triage states. -- Renamed instances of Semgrep OSS to Semgrep CE, except for instances within release notes. +- Clarified language around manifest files and lockfiles. +- Updated Semgrep rules licensing documentation. + +### Removed + +- Removed references to the asdf-semgrep plugin. ## 🔧 Semgrep Community Edition (CE) -- Semgrep OSS has been renamed to **Semgrep Community Edition (CE)**. Semgrep CE remains free, with 2800+ rules and no login required. See also [ Important updates to Semgrep OSS](https://semgrep.dev/blog/2024/important-updates-to-semgrep-oss/) in the Semgrep blog. -- Rules authored and maintained by Semgrep, Inc. are now licensed under [ Semgrep Rules License v.1.0](https://semgrep.dev/legal/rules-license/). These rules are available only for internal, non-competing, and non-Software-as-a-Service (SaaS) contexts. -- As of Semgrep 1.100.0, certain JSON and SARIF export fields are available only for logged-in users. See the [JSON and SARIF reference](/semgrep-appsec-platform/json-and-sarif) for the list of fields. 
-- The following versions of Semgrep CE were released in December 2024: - - [ 1.98.0](https://github.com/semgrep/semgrep/releases/tag/v1.98.0) - - [ 1.99.0](https://github.com/semgrep/semgrep/releases/tag/v1.99.0) - - [ 1.100.0](https://github.com/semgrep/semgrep/releases/tag/v1.100.0) - - [ 1.101.0](https://github.com/semgrep/semgrep/releases/tag/v1.101.0) +* The following versions of Semgrep CE were released in January 2025: + + - [ 1.102.0](https://github.com/semgrep/semgrep/releases/tag/v1.102.0) + - [ 1.103.0](https://github.com/semgrep/semgrep/releases/tag/v1.103.0) + - [ 1.104.0](https://github.com/semgrep/semgrep/releases/tag/v1.104.0) diff --git a/docs/semgrep-supply-chain/dependency-search.md b/docs/semgrep-supply-chain/dependency-search.md index 870af12d3..60a506888 100644 --- a/docs/semgrep-supply-chain/dependency-search.md +++ b/docs/semgrep-supply-chain/dependency-search.md @@ -105,12 +105,12 @@ Semgrep generates dependency paths for JavaScript projects that utilize `pnpm` a Semgrep generates dependency paths for Python projects that utilize `poetry` and include a `poetry.lock` file whenever you invoke a scan using `semgrep ci`. -### View the dependency graph +### View the dependency path -Once the scan completes, view the dependency graph in Semgrep AppSec Platform on: +Once the scan completes, view the dependency path in Semgrep AppSec Platform on: - The **Finding Details** page for a transitive finding -- The **Supply Chain > Dependencies** tab when you view a transitive dependency; click **Transitive** to launch the dependency graph +- The **Supply Chain > Dependencies** tab when you view a transitive dependency; click **Transitive** to launch the dependency path ![Supply Chain dependency graph](/img/ssc-dependency-graph.png#md-width) _**Figure**. Supply Chain findings with a dependency graph shown._ diff --git a/docs/semgrep-supply-chain/policies.md b/docs/semgrep-supply-chain/policies.md index 06cac421d..7df90eadd 100644 
--- a/docs/semgrep-supply-chain/policies.md +++ b/docs/semgrep-supply-chain/policies.md @@ -24,7 +24,7 @@ You can create as many policies as you need. ## Feature maturity -The Supply Chain policies feature is in **private beta**. To apply to this beta, reach out to [ support@semgrep.com](mailto:support@semgrep.com). +The Supply Chain policies feature is in **public beta**. To apply to this beta, reach out to [ support@semgrep.com](mailto:support@semgrep.com). ## Prerequisites diff --git a/sidebars.js b/sidebars.js index 055e3f51d..5e77c990c 100644 --- a/sidebars.js +++ b/sidebars.js @@ -669,6 +669,18 @@ module.exports = { link: {type: 'doc', id: 'release-notes/introduction'}, items: [ 'release-notes/latest', + { + type: 'category', + label: '2025', + collapsible: true, + link: { + type: 'generated-index', + title: '2025 Release notes' + }, + items: [ + 'release-notes/january-2025', + ], + }, { type: 'category', label: '2024', diff --git a/static/img/guardrails-secrets.png b/static/img/guardrails-secrets.png index 0ff416134..fc383dc63 100644 Binary files a/static/img/guardrails-secrets.png and b/static/img/guardrails-secrets.png differ
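Review bot: In the docs/index.md hunk (@@ -119,17 +119,18 @@) the new Dependency Paths bullet `- **JavaScript**: all package managers are supported by Semgrep.` overstates the scope compared with the dependency-search.md hunk later in this same diff, whose unchanged context line scopes JavaScript dependency paths to projects that use `pnpm` (the sentence is cut off in the diff) and Python ones to projects that "utilize `poetry` and include a `poetry.lock` file whenever you invoke a scan using `semgrep ci`". Reword to "all JavaScript package managers that Semgrep Supply Chain supports" and, for Python, "Poetry projects with a `poetry.lock`", and mention that paths are generated on `semgrep ci` scans, so the summary does not promise more than the feature page does. Also, `Semgrep Managed Scans ... for repositories hosted by **Azure DevOps** is now in public beta` should read "are now in public beta" (the subject is plural).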
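Review bot: In the new docs/release-notes/january-2025.md file the AppSec Platform section uses H2 headings `+## Changed` and `+## Fixed`, while every other section in the same file uses H3 (`+### Added`, `+### Changed`, `+### Fixed`); as written, "Changed" and "Fixed" render as siblings of `## 🌐 Semgrep AppSec Platform` rather than subsections of it, and the AppSec Platform section has no `### Added` heading for its first bullet list. Demote them to `### Added` / `### Changed` / `### Fixed` to match the Semgrep Code, Supply Chain and Documentation sections. Smaller items in the same hunk: `Managed scans for repositories hosted by **Azure DevOps** is now in public beta.` needs "are"; `Fixed an issue where commands not prefixed with `/semgrep` or `/` weren't correctly handled.` should say where these commands are entered, since a reader of the notes cannot tell what `/semgrep` refers to; `It is recommended to use the `semgrep scan --test`` should drop "the"; the Fixed list mixes "Fixed ..." with "Improve error handling ..." and "Fix the behavior ..." (pick one tense); and the CE version list switches to `*` bullets while the rest of the file uses `-`. For `Removed **pip** from the Semgrep Docker image. If necessary, you can install it by running `apk add py3-pip`.`, consider adding that `apk add` has to run as root (for example in a derived image build) so that users running the image as a non-root user are not surprised, and that dropping pip reduces the image's installed surface, which is the reason a security reader will want stated.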
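Review bot: The docs/release-notes/latest.md hunk (@@ -9,116 +9,123 @@) is a verbatim copy of the new january-2025.md, so it inherits the same H2/H3 heading inconsistency (`+## Changed`, `+## Fixed` under the AppSec Platform section) and every wording fix has to be made twice; if the site tooling supports it, consider sourcing latest.md from the monthly file instead of duplicating it. Separately, this hunk deletes December content that appears nowhere else in the diff, including the `:::info Important changes` admonition (Python 3.9 minimum as of 1.100.0, the Semgrep OSS to CE rename), the Swift reachability note and the `--allow-local-builds` flag for lockfile-less Java scans; please confirm docs/release-notes/december-2024.md already carries all of it, since the index.md hunk links to `/release-notes/december-2024#-semgrep-community-edition-ce` but that file is not part of this change.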
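Review bot: The docs/semgrep-supply-chain/dependency-search.md hunk (@@ -105,12 +105,12 @@) renames the heading and body text from "dependency graph" to "dependency path" but leaves the unchanged figure lines `![Supply Chain dependency graph](/img/ssc-dependency-graph.png#md-width)` and `_**Figure**. Supply Chain findings with a dependency graph shown._` using the old term, so the page now mixes both. Update the alt text and caption to "dependency path" (the image file name can stay). Note also that changing `### View the dependency graph` to `### View the dependency path` changes the generated anchor, so any existing links to `#view-the-dependency-graph` will break; the new release notes correctly point at `#view-the-dependency-path`, but check other pages and external links for the old anchor.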
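Review bot: The docs/semgrep-supply-chain/policies.md hunk (@@ -24,7 +24,7 @@) changes the maturity line to `The Supply Chain policies feature is in **public beta**.` but keeps the following sentence `To apply to this beta, reach out to [ support@semgrep.com](mailto:support@semgrep.com).`, which contradicts it: a public beta that requires applying is still a private beta. Either drop the second sentence or reword it to invite feedback rather than applications, and make it consistent with the January release notes in this diff, which describe creating a Supply Chain policy without mentioning any application step.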
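Review bot: In the sidebars.js hunk (@@ -669,6 +669,18 @@) the new `2025` category lists `'release-notes/january-2025'` directly beneath the existing `'release-notes/latest'` entry, and since latest.md in this diff is an identical copy of january-2025.md, the sidebar now shows the same release notes twice in adjacent positions; this is fine if it mirrors how the `2024` category was handled for December, but it is worth confirming that is the intended navigation rather than a leftover from the month rollover.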
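Review bot: The binary change to static/img/guardrails-secrets.png is not explained anywhere in this diff: no text page in the change references a Secrets guardrails image, and the January release notes do not mention an updated screenshot. Add a line to the Documentation "Changed" list or the PR description saying what the new image shows, so reviewers can check it does not contain a real secret or internal identifier before it is published.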