Introducing a tool to search through code for flaws where plain regexes fall flat but a full Static Application Security Testing (SAST) tool would be overkill. Semgrep proclaims itself as: "a tool for easily detecting and preventing bugs and anti-patterns in your codebase. It combines the convenience of grep with the correctness of syntactical and semantic search". It isn't just a glorified grep, though. It occupies a space somewhere in between grep and a SAST tool - more expressive than grep, but not as hard to tweak and learn as a SAST. on i-programmer
A diary of my work. Just links to the full articles on i-programmer.info