Overview: semgrep Chainguard Image

This image contains the CLI for Semgrep, a lightweight static analysis tool for many languages. Semgrep finds bug variants using patterns that look like source code.

Get It!

The image is available on

$ docker pull
Using default tag: latest
latest: Pulling from chainguard/semgrep
Status: Downloaded newer image for

Use It!

The image can be run directly and sets the semgrep binary as the entrypoint:

$ docker run

Usage: semgrep [OPTIONS] COMMAND [ARGS]...

  To get started quickly, run `semgrep scan --config auto`

  Run `semgrep SUBCOMMAND --help` for more information on each subcommand

  If no subcommand is passed, will run `scan` subcommand by default

  -h, --help  Show this message and exit.

  ci                   The recommended way to run semgrep in CI
  install-semgrep-pro  Install the Semgrep Pro Engine
  login                Obtain and save credentials for
  logout               Remove locally stored credentials to
  lsp                  [EXPERIMENTAL] Start the Semgrep LSP server
  publish              Upload rule to
  scan                 Run semgrep rules on files
  shouldafound         Report a false negative in this project.
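
The following is an added example, not part of the original page or the project's documentation: it writes a constructed Semgrep rule whose pattern looks like the Python code it matches, then scans a constructed file through the image's semgrep entrypoint. The IMAGE variable, the rule id and both file names are assumptions; set IMAGE to the image reference yourself.

```shell
#!/bin/sh
# Added example. IMAGE has no default: supply the image reference yourself.

# Write a constructed rule and a constructed Python target into directory $1.
make_fixture() {
  # World-readable, in case the container runs as a non-root user.
  mkdir -p "$1" && chmod 755 "$1"
  cat > "$1/rule.yaml" <<'EOF'
rules:
  - id: example-subprocess-shell-true
    languages: [python]
    severity: ERROR
    message: subprocess call with shell=True; pass an argument list instead
    pattern: subprocess.$FUNC(..., shell=True, ...)
EOF
  cat > "$1/app.py" <<'EOF'
import subprocess

def list_dir(path):
    subprocess.run("ls " + path, shell=True)   # matched by the rule
    subprocess.run(["ls", path])               # not matched
EOF
}

# Scan directory $1 with the containerized CLI. The source mount is read-only,
# and everything after the image name is passed to the semgrep entrypoint.
scan_fixture() {
  : "${IMAGE:?set IMAGE to the semgrep image reference}"
  docker run --rm -v "$1:/src:ro" "$IMAGE" \
    scan --metrics=off --error --config /src/rule.yaml /src/app.py
}

# Run as: IMAGE=<image reference> sh example.sh scan
if [ "${1:-}" = scan ]; then
  dir=$(mktemp -d)
  make_fixture "$dir"
  scan_fixture "$dir"
fi
```

With `--error`, semgrep exits non-zero when the rule produces a finding, which lets a CI step fail on it.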