Semgrep
JSON →Semgrep is a fast, open-source, static analysis engine for finding bugs, detecting vulnerabilities in third-party dependencies, and enforcing code standards across over 30 programming languages. It scans code locally, without uploading it to external servers by default. As of version 1.156.0, it is actively developed with frequent (often weekly) releases, offering both a free Community Edition and a commercial AppSec Platform with enhanced features.
Traffic · last 30 days ↓25% vs prev 7d
total hits 24
actors 8 distinct systems
last hit 1d ago GPTBot
top countries 🇺🇸 United States · 🇨🇦 Canada · BD · 🇩🇪 Germany · 🇳🇴 Norway
Resources
packagepypi.org/project/semgrep/ ↗
API endpoints
full doc /v1/registry/semgrep
install /v1/registry/semgrep/install
compatibility /v1/registry/semgrep/compatibility