Last changed
docker pull cgr.dev/chainguard/semgrep
Need access to a specific version? Contact us.
Get notified of upcoming product changes, critical vulnerability notifications and patches and more.
Sign InCLI for the Semgrep static analysis tool. Semgrep is a lightweight static analysis tool for many languages. It finds bug variants with patterns that look like source code.
The image is available on cgr.dev
:
The image can be run directly and sets the semgrep binary as the entrypoint:
Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:
Apache-2.0
BSD-2-Clause
BSD-3-Clause
GCC-exception-3.1
GPL-2.0-or-later
GPL-3.0-or-later
LGPL-2.0-or-later
For a complete list of licenses, please refer to this Image's SBOM.
Software license agreement