Semgrep Files

Lightweight static analysis for many languages

This is an exact mirror of the Semgrep project, hosted at https://github.com/returntocorp/semgrep. SourceForge is not affiliated with Semgrep. For more information, see the SourceForge Open Source Mirror Directory.

The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
README.md	2025-10-16	1.3 kB	0
Release v1.140.0 source code.tar.gz	2025-10-16	11.2 MB	0
Release v1.140.0 source code.zip	2025-10-16	15.5 MB	9
Totals: 3 Items		26.7 MB	9

1.140.0 - 2025-10-16

Added

scala: Allow partial case patterns such as case 1 => ... to easily match individual case clauses within a match-expression. (code-9118)
Added python 3.14 support. (gh-11250)
MCP: Slash command setup_semgrep_mcp now supports Claude Code. (saf-2261)

Changed

Semgrep's Docker image base has been bumped from Alpine Linux 3.21 to 3.22 (docker-version)

Fixed

Java and Rust: Fixed parsing of float and double literals with type suffixes so they can be used in metavariable-comparison and pattern matching. Previously, Java literals like 0.5f or 1.0d, and Rust literals like 0.5f32 or 1.0f64 would fail to parse and could not be compared. (gh-7968)
Display an error instead of a malformed success message when the show subcommand fails due to an invalid CLI token. (grow-630)
new semgrep/semgrep images should now contain golang v1.24 instead of v1.23 (saf-2240)
Fixed an issue where temporary files, containing rules to be validated, persisted after a semgrep scan. (saf-2257)
MCP: Fixed tool calls failing for some models (e.g., GPT-5). (saf-2262)
MCP: Fixed a bug where resource closure errors would occur when trying to use the MCP with the streamable-http tranport method. (saf-2264)

Source: README.md, updated 2025-10-16

Other Useful Business Software

Keep company data safe with Chrome Enterprise Icon

Keep company data safe with Chrome Enterprise

Protect your business with AI policies and data loss prevention in the browser

Make AI work your way with Chrome Enterprise. Block unapproved sites and set custom data controls that align with your company's policies.

Download Chrome

Gen AI apps are built with MongoDB Atlas Icon

Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.

Start Free

Recommended Projects

lintr
lintr is a static code analysis tool for R that identifies syntax errors, style inconsistencies, and other potential issues in R scripts and packages. It supports customizable lint rules and integrates with many editors to provide realtime feedback and enforce coding standards (e.g., tidyverse style).
Code Quality and Security for Java
Hundreds of unique rules to find Java bugs, code smells & vulnerabilities. Sonar static analysis helps you build and maintain high-quality Java code. Covering popular build systems, standards and versions, Sonar elevates your coding game while keeping vulnerabilities at bay. With each Java...
nodejsscan
Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications.
sourceinsight-scan
Your can get the HELP.DOC Here Chinese Version: https://sourceforge.net/projects/siscan/files/1.0.1/SI_Scan_Help.doc/download English Version: https://sourceforge.net/projects/siscan/files/1.0.1/SI_Scan_Help_English.doc/download sourceinsight-scan is a Source Insight plugin for static...
AWS Toolkit for JetBrains
The AWS Toolkit for JetBrains makes it easier to write applications built on Amazon Web Services. If you come across bugs with the toolkit or have feature requests, please raise an issue on our GitHub repository. See the user guide for how to get started, along with what features/services are...