Opengrep being the OSS fork of semgrep.
Not to be confused with opengrok.
this post was submitted on 25 Jan 2025
15 points (100.0% liked)
Security
846 readers
2 users here now
A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.
Rules :
- All instance-wide rules apply.
- Keep it totally legal.
- Remember the human, be civil.
- Be helpful, don't be rude.
Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient
founded 2 years ago
MODERATORS
Opengrep being the OSS fork of semgrep.
What does this mean? semgrep is LGPL.
/edit: Looks like the semgrep engine remains FOSS, while the semgrep company maintained rules list becomes paid.
Not linking here 👀
Confused me
Yeah, fuck SemGrep for not wanting to provide free software to competitors, right? After all, who needs money in this world? Businesses can run on paying their employers with hopes and dreams.
Doesn't matter if some bigger corp just takes your product, doesn't even rebrand it and starts selling it at a cheaper rate or integrated in their ecosystem. And all that without contributing back. If the company dies, that's all fine to the purists of the opensource definition by some org - "as long as they stayed true to the definition".
Regardless. I wish SemGrep and OpenGrep good luck. They're both opensource in my eyes. OpenGrep could've picked a better name though. grep is already open...