Merged
2 changes: 1 addition & 1 deletion docs/extensions/semgrep-intellij.md
Expand Up @@ -87,7 +87,7 @@ Hover over a match and click the link.

## Support

If you need our support, join the [Semgrep community Slack workspace](http://go.semgrep.dev/slack) and tell us about any problems you encountered.
If you need our support, join the [Semgrep community Slack workspace](https://go.semgrep.dev/slack) and tell us about any problems you encountered.

## Limitations

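Review bot: the scheme fix at the Slack link is correct, but the identical sentence (with the same `http://go.semgrep.dev/slack` link) also lives in `src/components/procedure/_quickstart-intellij.md`, and it had to be patched separately in this PR; consider pulling the Support blurb into one shared snippet so the two copies cannot drift apart again. A plain-http link is worth fixing even when the host redirects to https, because the first hop is cleartext and an on-path attacker can answer it before the redirect ever happens. To keep such links from creeping back, a docs check in CI that fails on `](http://` would catch them at review time instead of by hand.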
2 changes: 1 addition & 1 deletion docs/faq/comparisons/opengrep.md
Expand Up @@ -19,7 +19,7 @@ To resolve confusion within security and developer communities when trying to ch

## What is Semgrep Community Edition?

[Semgrep Community Edition](http://semgrep.dev/products/community-edition) (CE) is the collective name for the [open source Semgrep engine](https://github.com/semgrep/semgrep), previously known as Semgrep OSS, and the collection of rules published and maintained by the Semgrep community and Semgrep, Inc.
[Semgrep Community Edition](https://semgrep.dev/products/community-edition) (CE) is the collective name for the [open source Semgrep engine](https://github.com/semgrep/semgrep), previously known as Semgrep OSS, and the collection of rules published and maintained by the Semgrep community and Semgrep, Inc.

## What is Opengrep?

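Review bot: this brings the Community Edition link in line with the neighbouring GitHub link, which already used https, so the paragraph is now consistent. Since the only change is the scheme, it would help future readers of the history if the PR description stated the rationale (cleartext first request before any redirect) so the same sweep is applied to any other `http://semgrep.dev` links elsewhere in the docs.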
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ def fetch_data_securely():
return response.text
```

In the function `fetch_data_vulnerable`, a request is made to a user-supplied url. There is a check to see if the url is on the domain [`semgrep.dev`](http://semgrep.dev) but it is insufficient. Notice what happens if the user enters `https://semgrep.dev.attacker.com`. The resulting URL is an attacker-controlled domain. This is a textbook case of SSRF.
In the function `fetch_data_vulnerable`, a request is made to a user-supplied url. There is a check to see if the url is on the domain [`semgrep.dev`](https://semgrep.dev) but it is insufficient. Notice what happens if the user enters `https://semgrep.dev.attacker.com`. The resulting URL is an attacker-controlled domain. This is a textbook case of SSRF.

Tools like Semgrep can detect this type of issue automatically. They will look for untrusted input from user requests flowing into functions that send HTTP requests. The rule recognizes when user input is concatenated into the URL or passed through intermediate variables. This makes it practical to find SSRF vulnerabilities across large codebases without needing to manually inspect every string operation.

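Review bot: the https change is fine, but the surrounding sentence has two problems worth fixing while this line is being touched. First, "The resulting URL is an attacker-controlled domain" conflates two things: the URL is not a domain; what the attacker controls is the hostname of the URL, so "The resulting request goes to an attacker-controlled host" is more accurate. Second, the paragraph says the `semgrep.dev` check "is insufficient" without saying what the check does, so the `https://semgrep.dev.attacker.com` bypass only makes sense to readers who guess that it is a substring or prefix match; one clause naming the weak comparison, and a pointer to comparing the parsed hostname exactly in `fetch_data_securely`, would make the contrast between the two functions clear. Minor: "url" is written in lowercase twice and as "URL" once in the same paragraph; pick one. The backticked `semgrep.dev` here is the value being compared, not a navigation target, so consider dropping the hyperlink on it altogether rather than just changing its scheme.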
2 changes: 1 addition & 1 deletion src/components/procedure/_quickstart-intellij.md
Expand Up @@ -13,5 +13,5 @@
4. See Semgrep findings: Hold the pointer over the code that has the red underline.

:::info Feature maturity
Semgrep's IntelliJ extensions are currently in beta. Currently, the IntelliJ extension only supports Semgrep Community Edition (CE) - it doesn't support Semgrep Supply Chain, Secrets, Pro rules, or Pro Engine. Please join the [Semgrep community Slack workspace](http://go.semgrep.dev/slack) and let the Semgrep team know if you encounter any issues.
Semgrep's IntelliJ extensions are currently in beta. Currently, the IntelliJ extension only supports Semgrep Community Edition (CE) - it doesn't support Semgrep Supply Chain, Secrets, Pro rules, or Pro Engine. Please join the [Semgrep community Slack workspace](https://go.semgrep.dev/slack) and let the Semgrep team know if you encounter any issues.
:::
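Review bot: the link fix is correct, and since this sentence duplicates the Support section of `docs/extensions/semgrep-intellij.md` a shared include would avoid the double edit made in this PR. Two wording nits on the same line while it is being changed: the admonition opens with the plural "Semgrep's IntelliJ extensions" and then switches to "the IntelliJ extension", and "currently" appears twice in consecutive sentences; "Semgrep's IntelliJ extension is in beta. It currently supports only Semgrep Community Edition (CE); it does not support ..." reads more cleanly. The bare " - " separator would be better as a colon or semicolon.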