Image Overview: semgrep

Overview: semgrep Chainguard Image

CLI for the Semgrep static analysis tool. Semgrep is a lightweight static analysis tool for many languages. It finds bug variants with patterns that look like source code.

Download this Image

The image is available on

docker pull

Use It!

The image can be run directly and sets the semgrep binary as the entrypoint:

$ docker run

Usage: semgrep [OPTIONS] COMMAND [ARGS]...

  To get started quickly, run `semgrep scan --config auto`

  Run `semgrep SUBCOMMAND --help` for more information on each subcommand

  If no subcommand is passed, will run `scan` subcommand by default

  -h, --help  Show this message and exit.

  ci                   The recommended way to run semgrep in CI
  install-semgrep-pro  Install the Semgrep Pro Engine
  login                Obtain and save credentials for
  logout               Remove locally stored credentials to
  lsp                  [EXPERIMENTAL] Start the Semgrep LSP server
  publish              Upload rule to
  scan                 Run semgrep rules on files
  shouldafound         Report a false negative in this project.

Last updated: 2024-04-11 12:38