This image contains the CLI for the Semgrep static analysis tool. Semgrep is a lightweight static analysis tool for many languages. Find bug variants with patterns that look like source code.
The image is available on cgr.dev:
```
$ docker pull cgr.dev/chainguard/semgrep:latest
Using default tag: latest
latest: Pulling from chainguard/semgrep
[...]
Status: Downloaded newer image for cgr.dev/chainguard/semgrep:latest
cgr.dev/chainguard/semgrep:latest
```
The image can be run directly and sets the semgrep binary as the entrypoint:
```
$ docker run cgr.dev/chainguard/semgrep:latest
Usage: semgrep [OPTIONS] COMMAND [ARGS]...

  To get started quickly, run `semgrep scan --config auto`

  Run `semgrep SUBCOMMAND --help` for more information on each subcommand

  If no subcommand is passed, will run `scan` subcommand by default

Options:
  -h, --help  Show this message and exit.

Commands:
  ci                   The recommended way to run semgrep in CI
  install-semgrep-pro  Install the Semgrep Pro Engine
  login                Obtain and save credentials for semgrep.dev
  logout               Remove locally stored credentials to semgrep.dev
  lsp                  [EXPERIMENTAL] Start the Semgrep LSP server
  publish              Upload rule to semgrep.dev
  scan                 Run semgrep rules on files
  shouldafound         Report a false negative in this project.
```
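Because the entrypoint is the `semgrep` binary, arguments placed after the image name go straight to Semgrep. The script below is an added example, not part of the image documentation: it writes a constructed rule and a constructed Python file, then scans them from a read-only bind mount. The rule id, the file names and the `/src` mount point are hypothetical, and it assumes the container runs as a non-root user.

```shell
#!/bin/sh
# Added example: the rule, target file and paths are constructed for illustration.

write_demo() {
  dir=$(mktemp -d) || return 1
  # Rule: flag subprocess calls with shell=True unless the command is a string literal.
  cat > "$dir/rule.yaml" <<'EOF'
rules:
  - id: demo-subprocess-shell-dynamic
    languages: [python]
    severity: WARNING
    message: shell=True with a non-literal command string
    patterns:
      - pattern: subprocess.$FUNC(..., shell=True, ...)
      - pattern-not: subprocess.$FUNC("...", shell=True, ...)
EOF
  # Target: two variants of the same bug and one literal-only call.
  cat > "$dir/app.py" <<'EOF'
import subprocess

def ping(host):
    subprocess.run("ping -c 1 " + host, shell=True)      # dynamic command

def lookup(host):
    subprocess.Popen("nslookup %s" % host, shell=True)   # variant, same bug

def uptime():
    subprocess.check_output("uptime", shell=True)        # literal command
EOF
  # mktemp -d creates the directory with mode 0700; a non-root container
  # user (assumed here) needs read and traverse permission on the mount.
  chmod -R a+rX "$dir"
  echo "$dir"
}

run_scan() {
  # Read-only mount: the scanner gets no write access to the scanned tree.
  # --metrics=off disables usage metrics; --error exits non-zero on findings.
  docker run --rm -v "$1:/src:ro" -w /src \
    cgr.dev/chainguard/semgrep:latest \
    scan --metrics=off --error --config /src/rule.yaml /src/app.py
}

# Run as: sh demo.sh scan
if [ "${1:-}" = "scan" ]; then
  run_scan "$(write_demo)"
fi
```

With `--error`, the exit status can gate a CI job on findings from the local rule file.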