semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. (by semgrep)
Review Static Analysis static-code-analysis Java Go Sast semgrep r2c C Python Ruby JavaScript TypeScript
Source Code
semgrep.dev
semgrep Reviews
Suggest alternative
Edit details
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Semgrep Alternatives

Similar projects and alternatives to semgrep

semgrep
semgrep

  1. rust

    2,803 semgrep VS rust

    Empowering everyone to build reliable and efficient software.

  2. CodeRabbit

    CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

    CodeRabbit logo

  3. pre-commit

    202 semgrep VS pre-commit

    A framework for managing and maintaining multi-language pre-commit hooks.

  4. Apache Log4j 2

    108 semgrep VS Apache Log4j 2

    Apache Log4j is a versatile, feature-rich, efficient logging API and backend for Java.

  5. coq

    88 semgrep VS coq

    Coq is a formal proof management system. It provides a formal language to write mathematical definitions, executable algorithms and theorems together with an environment for semi-interactive development of machine-checked proofs.

  6. SonarQube

    70 semgrep VS SonarQube

    Continuous Inspection

  7. golangci-lint

    74 semgrep VS golangci-lint

    Fast linters runner for Go

  8. snyk

    64 semgrep VS snyk

    Discontinued Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]

  9. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  10. ZAP

    70 semgrep VS ZAP

    The ZAP by Checkmarx Core project

  11. ast-grep

    48 semgrep VS ast-grep

    ⚡A CLI tool for code structural search, lint and rewriting. Written in Rust

  12. infer

    42 semgrep VS infer

    A static analyzer for Java, C, C++, and Objective-C

  13. git-secrets

    35 semgrep VS git-secrets

    Prevents you from committing secrets and credentials into git repositories

  14. PMD

    23 semgrep VS PMD

    An extensible multilanguage static code analyzer.

  15. gosec

    22 semgrep VS gosec

    Go security checker

  16. Logback

    21 semgrep VS Logback

    The reliable, generic, fast and flexible logging framework for Java.

  17. bearer

    20 semgrep VS bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

  18. semgrep-rules

    10 semgrep VS semgrep-rules

    Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.

  19. Spotbugs

    19 semgrep VS Spotbugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

  20. codeql

    20 semgrep VS codeql

    CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  21. pfff

    6 semgrep VS pfff

    Discontinued Tools for code analysis, visualizations, or style-preserving source transformation.

  22. logging-log4j1

    5 semgrep VS logging-log4j1

    Discontinued Apache log4j1

  23. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better semgrep alternative or higher similarity.
Suggest an alternative to semgrep

semgrep discussion

Log in or Post with

semgrep reviews and mentions

Posts with mentions or reviews of semgrep. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2025-02-28.

Stats

Basic semgrep repo stats
80
11,364
9.9
5 days ago

semgrep/semgrep is an open source project licensed under GNU Lesser General Public License v3.0 only which is an OSI approved license.

The primary programming language of semgrep is OCaml.

Popular Comparisons

  1. semgrep VS SonarQube
  2. semgrep VS Spotbugs
  3. semgrep VS snyk
  4. semgrep VS codeql
  5. semgrep VS pre-commit
  6. semgrep VS infer
  7. semgrep VS gitleaks
  8. semgrep VS detect-secrets
  9. semgrep VS comby
  10. semgrep VS qodana-action

Sponsored
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai
Loading...