Semgrep

Free, open-source lightweight static analysis for many languages. Find and block bug variants with patterns that look like source code.

Official Semgrep Homepage

https://github.com/returntocorp/semgrep

GNU Lesser General Public License v2.1

Maintained