
> it's a grep that can search code snippets based on language-aware syntax matching instead of regular expressions.

Hey, I'm a maintainer of Semgrep, and this sounds like a pretty good description of what the CLI can do; see this example for finding all function/class/method calls:

    $ semgrep -e '$NAME(...)' -l python
    flask_todomvc/extensions.py
    4:db = SQLAlchemy()
    ------------------------------------------------------------
    5:security = Security()

    flask_todomvc/factory.py
    15:    app = Flask(__name__)
    ------------------------------------------------------------
    17:    app.config.from_object(settings)
    ------------------------------------------------------------
    18:    app.config.from_envvar('TODO_SETTINGS', silent=True)
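As an added illustration (not from the maintainer's post or the Semgrep project), the same `$NAME(...)` pattern written as a rule file, narrowed with a `metavariable-regex` so that only class-style constructor calls from the output above are reported; the rule id, message and regex are my own choices:

```yaml
rules:
  - id: constructor-calls
    # Same idea as `semgrep -e '$NAME(...)' -l python`, but as a rule file.
    # $NAME is a metavariable bound to the callee; `...` matches any arguments,
    # so whitespace, line breaks and argument count do not matter (unlike a regex).
    patterns:
      - pattern: $NAME(...)
      # Constrain the bound metavariable: only callees that look like a class
      # name (leading capital). `Flask(__name__)` and `SQLAlchemy()` match;
      # `app.config.from_object(settings)` does not, because $NAME is bound to
      # the whole callee expression `app.config.from_object`.
      - metavariable-regex:
          metavariable: $NAME
          regex: '^[A-Z]\w*$'
    message: Class instantiated via $NAME(...)
    languages: [python]
    severity: INFO
# Usage (assumed file name): semgrep --config constructor-calls.yml flask_todomvc/
```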



Oh, that's great to see. The website's presentation made a different impression with its "enforce code standards" angle.

Looks like a pretty useful tool with a couple nice options. A bit strange that the `-e` option is only explained on the website, but to be fair it seems to be a lot to cover. Still, a kind of "cheat sheet" style summary in the help message would be fantastic, just as a little suggestion.


Question: you mention "no more AST parsing" as a selling line for semgrep. Isn't this actually a bad thing for a static analyzer, as ASTs are actually... abstract, and closer to the real logic of what the code does? I know analyzing text is faster, but is it worth it?


The tool abstracts away the AST with a more intuitive, human-friendly interface, similarly to how regular expressions do for string matching logic.



