unsubbed.co

Semgrep

An extensible developer-friendly application security platform that scans source code to surface true and actionable security issues with AI-assisted SAST, SCA, and Secrets Detection solutions

LGPL-2.1 Free returntocorp/semgrep · 14K semgrep.dev OCaml 3 deploy options Plugins

Overview

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. An extensible developer-friendly application security platform that scans source code to surface true and actionable security issues with AI-assisted SAST, SCA, and Secrets Detection solutions. The project has 14K+ GitHub stars and is licensed under LGPL-2.1.

Getting Started

Source: GitHub README

  1. From the Semgrep AppSec Platform
  2. From the CLI

For new users, we recommend starting with the Semgrep AppSec Platform because it provides a visual interface, a demo project, result triaging and exploration workflows, and makes setup in CI/CD fast. Scans are still local and code isn’t uploaded. Alternatively, you can also start with the CLI and navigate the terminal output to run one-off searches.

Normalized Features

Source: tool-features-normalized.json

brew, docker, pip, plugins.

Deploy

Docker

Self-host with Docker Compose

Coolify

One-click via Coolify panel
elestio

Elestio

Managed hosting from $9/mo
pikapods

PikaPods

Simple managed hosting

Features

Integrations & APIs

  • Plugin / Extension System

Category

Developer Tools (181)

Replaces

Snyk
1 tools

Related Developer Tools Tools

View all 181 →

Neovim

97K

The hyperextensible Vim fork that rewards the time you invest — sub-100ms startup, modal editing, total customization, and no licensing fees.

developer tools

Hoppscotch Community Edition

78K

Open-source API development ecosystem — lightweight, fast alternative to Postman with REST, GraphQL, WebSocket, and real-time API testing.

developer tools MIT

code-server

77K

Run VS Code on any machine and access it through a browser — code from your iPad, Chromebook, or any device with a web browser.

developer tools MIT

Appwrite

55K

Open-source backend-as-a-service with authentication, databases, storage, functions, and messaging. Self-hosted Firebase alternative for web and mobile apps.

developer tools BSD-3-Clause

Gitea

54K

Lightweight, self-hosted Git service with code hosting, pull requests, CI/CD, package registry, and project management. GitHub alternative that runs on a Raspberry Pi.

developer tools MIT

Gogs

48K

A painless, lightweight, self-hosted Git service written in Go. Minimal resource usage, easy setup, and runs on anything from a Raspberry Pi to a VPS.

developer tools MIT