{"library":"semgrep","title":"Semgrep","description":"Semgrep is a fast, open-source, static analysis engine for finding bugs, detecting vulnerabilities in third-party dependencies, and enforcing code standards across over 30 programming languages. It scans code locally, without uploading it to external servers by default. As of version 1.156.0, it is actively developed with frequent (often weekly) releases, offering both a free Community Edition and a commercial AppSec Platform with enhanced features.","language":"python","status":"active","last_verified":"Tue May 19","install":{"commands":["pip install semgrep"],"cli":{"name":"semgrep","version":"1.163.0"}},"imports":["import subprocess"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import subprocess\nimport json\nimport os\n\n# Create a dummy Python file to scan for demonstration\ndummy_code = \"\"\"\nimport os\n\ndef vulnerable_function(user_input):\n    # This pattern (os.system with user input) is often flagged by security rules\n    os.system(f\"echo {user_input}\")\n\ndef harmless_function():\n    print(\"Hello, Semgrep!\")\n\"\"\"\n\nfile_path = \"vulnerable_app.py\"\nwith open(file_path, \"w\") as f:\n    f.write(dummy_code)\n\nprint(f\"Created {file_path} for scanning.\")\n\ntry:\n    # Run Semgrep scan on the dummy file with a common security ruleset\n    # Use --json for machine-readable output and --error to get a non-zero exit code on findings\n    # `check=False` is used to allow inspection of output even if Semgrep exits with findings (code 1)\n    result = subprocess.run(\n        [\"semgrep\", \"scan\", \"--config\", \"p/security-audit\", file_path, \"--json\", \"--error\"],\n        capture_output=True,\n        text=True,\n        check=False\n    )\n\n    print(\"\\n--- Semgrep CLI Output (stdout) ---\")\n    print(result.stdout)\n\n    if result.stderr:\n        print(\"\\n--- Semgrep CLI Error (stderr) ---\")\n        print(result.stderr)\n\n    if result.returncode != 0:\n        print(f\"\\nSemgrep exited with non-zero code: {result.returncode}. This indicates findings or an actual error.\")\n    else:\n        print(\"\\nSemgrep exited with code 0. No findings or --error was not used/no blocking rules.\")\n\n    # Parse JSON output if available\n    try:\n        json_output = json.loads(result.stdout)\n        if json_output.get(\"results\"):\n            print(f\"\\nFound {len(json_output['results'])} security findings:\")\n            for finding in json_output[\"results\"]:\n                print(f\"  - Rule: {finding['check_id']} at {finding['start']['line']}:{finding['start']['col']}\")\n                print(f\"    Message: {finding['extra']['message']}\")\n        else:\n            print(\"\\nNo findings reported in JSON output.\")\n    except json.JSONDecodeError:\n        print(\"\\nCould not decode JSON output.\")\n\nexcept FileNotFoundError:\n    print(\"Error: 'semgrep' command not found. Please ensure Semgrep is installed and in your PATH.\")\nexcept Exception as e:\n    print(f\"An unexpected error occurred: {e}\")\nfinally:\n    # Clean up the dummy file\n    if os.path.exists(file_path):\n        os.remove(file_path)\n        print(f\"\\nCleaned up {file_path}.\")","lang":"python","description":"This quickstart demonstrates how to programmatically run a Semgrep scan on a Python file using the `subprocess` module. It creates a dummy file with a common vulnerability pattern, runs Semgrep with a security ruleset, and parses the JSON output to display findings.","tag":"verified","tag_description":"quickstart runs on critical runtimes, recently tested","last_tested":"2026-04-24","results":[{"runtime":"python:3.10-alpine","exit_code":0},{"runtime":"python:3.10-slim","exit_code":0},{"runtime":"python:3.11-alpine","exit_code":0},{"runtime":"python:3.11-slim","exit_code":0},{"runtime":"python:3.12-alpine","exit_code":0},{"runtime":"python:3.12-slim","exit_code":0},{"runtime":"python:3.13-alpine","exit_code":0},{"runtime":"python:3.13-slim","exit_code":0},{"runtime":"python:3.9-alpine","exit_code":0},{"runtime":"python:3.9-slim","exit_code":0}]},"compatibility":{"tag":"verified","tag_description":"installs cleanly on critical runtimes, fast import, recently tested","last_tested":"2026-05-19","installed_version":"1.136.0","pypi_latest":"1.163.0","is_stale":true,"summary":{"python_range":"3.10–3.9","success_rate":100,"avg_install_s":14.6,"avg_import_s":0.02,"wheel_type":"wheel"},"results":[{"runtime":"python:3.10-alpine","python_version":"3.10","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"410.9M"},{"runtime":"python:3.10-alpine","python_version":"3.10","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"411.3M"},{"runtime":"python:3.10-alpine","python_version":"3.10","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"312.6M"},{"runtime":"python:3.10-slim","python_version":"3.10","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":17,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"407M"},{"runtime":"python:3.10-slim","python_version":"3.10","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":16.5,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"407M"},{"runtime":"python:3.10-slim","python_version":"3.10","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"313M"},{"runtime":"python:3.11-alpine","python_version":"3.11","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"421.7M"},{"runtime":"python:3.11-alpine","python_version":"3.11","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"422.2M"},{"runtime":"python:3.11-alpine","python_version":"3.11","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"322.7M"},{"runtime":"python:3.11-slim","python_version":"3.11","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":16.6,"import_time_s":0.02,"mem_mb":1,"disk_size":"418M"},{"runtime":"python:3.11-slim","python_version":"3.11","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":15.2,"import_time_s":0.01,"mem_mb":1,"disk_size":"418M"},{"runtime":"python:3.11-slim","python_version":"3.11","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"323M"},{"runtime":"python:3.12-alpine","python_version":"3.12","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"411.9M"},{"runtime":"python:3.12-alpine","python_version":"3.12","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":null,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"412.3M"},{"runtime":"python:3.12-alpine","python_version":"3.12","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"312.9M"},{"runtime":"python:3.12-slim","python_version":"3.12","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":13.5,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"408M"},{"runtime":"python:3.12-slim","python_version":"3.12","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":12.5,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"408M"},{"runtime":"python:3.12-slim","python_version":"3.12","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"313M"},{"runtime":"python:3.13-alpine","python_version":"3.13","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"411.8M"},{"runtime":"python:3.13-alpine","python_version":"3.13","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"412.2M"},{"runtime":"python:3.13-alpine","python_version":"3.13","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":1,"disk_size":"312.7M"},{"runtime":"python:3.13-slim","python_version":"3.13","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":13.9,"import_time_s":0.01,"mem_mb":0.8,"disk_size":"408M"},{"runtime":"python:3.13-slim","python_version":"3.13","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":12.7,"import_time_s":0.01,"mem_mb":0.8,"disk_size":"408M"},{"runtime":"python:3.13-slim","python_version":"3.13","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.02,"mem_mb":0.8,"disk_size":"313M"},{"runtime":"python:3.9-alpine","python_version":"3.9","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"250.0M"},{"runtime":"python:3.9-alpine","python_version":"3.9","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"250.1M"},{"runtime":"python:3.9-alpine","python_version":"3.9","os_libc":"alpine (musl)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"249.9M"},{"runtime":"python:3.9-slim","python_version":"3.9","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":null,"install_time_s":14.4,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"251M"},{"runtime":"python:3.9-slim","python_version":"3.9","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":"wheel","failure_reason":null,"import_side_effects":"clean","install_time_s":13.4,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"251M"},{"runtime":"python:3.9-slim","python_version":"3.9","os_libc":"slim (glibc)","variant":"semgrep","exit_code":0,"wheel_type":null,"failure_reason":null,"import_side_effects":null,"install_time_s":null,"import_time_s":0.01,"mem_mb":0.5,"disk_size":"250M"}]}}