Semgrep is an open source static code analysis tool that may be used to identify vulnerabilities in your own codebase or third-party dependencies. The goal of this repository is to package Semgrep as a (community) snap that can be effortlessly installed across a variety of Linux distributions.
Notice: If you want to view the officially recommended method of installing the OSS engine, refer to the Semgrep documentation.
- Clone this repository:
git clone https://github.com/iosifache/semgrep-snap
- Move into the cloned repository:
cd semgrep-snap
- Install Snapcraft:
sudo snap install snapcraft --classic
- Build the snap:
snapcraft --verbose
- Install the snap:
snap install --dangerous ./semgrep_*.snap
- Test the snap by running the
semgrep
command:semgrep