Semgrep
Find bugs and enforce code standards
Bence Nagy

A fast, open-source, code analysis tool that excels at expressing code standards — without complicated queries. Rules look just like code; no more wrestling with regexes. Includes 900+ rules and SaaS infra for use in your editor, at commit-time, or in CI.
Bence Nagy
Heya all! Excited for my first post here after lurking for 4-5 years! I joined the team behind Semgrep (called r2c; bonus points for anyone who gets the reference) around half a year ago because I saw they were on the right track to overhaul the code analysis landscape.

My personal highlights of Semgrep are:

• You write code to search code: `print("hi world")` can be found with the pattern `print(...)`
• We're collating much of the world's security know-how with the 900+ Semgrep rules we gathered from the community in a GitHub repo: https://github.com/returntocorp/...

Happy to answer questions here or on our community Slack! You can join that via https://r2c.dev/slack