Skip to main content

Semgrep - More Than Just a Glorified Grep

Introducing a tool to search through code for flaws where plain regexes fall flat and using Static Application Security Testing would be overkill.

Semgrep proclaims itself as:
"a tool for easily detecting and preventing bugs and anti-patterns in your codebase. It combines the convenience of grep with the correctness of syntactical and semantic search".
It isn't just a glorified grep, though. It occupies a space somewhere in between grep and a SAST tool - more expressive than grep, but not as hard to tweak and learn as a SAST.


Popular posts from this blog

Book Review : How To Create Pragmatic, Lightweight Languages

At last, a guide that makes creating a language with its associated baggage of lexers, parsers and compilers, accessible to mere mortals, rather to a group of a few hardcore eclectics as it stood until now.

The first thing that catches the eye, is the subtitle:

The unix philosophy applied to language design, for GPLs and DSLs"
What is meant by "unix philosophy" ?. It's taking simple, high quality components and combining them together in smart ways to obtain a complex result; the exact approach the book adopts.
I'm getting ahead here, but a first sample of this philosophy becomes apparent at the beginnings of Chapter 5 where the Parser treats and calls the Lexer like  unix's pipes as in lexer|parser. Until the end of the book, this pipeline is going to become larger, like a chain, due to the amount of components that end up interacting together.

The book opens by putting things into perspective in Chapter 1: Motivation: why do you want to build lan…

Headless Chrome and the Puppeteer Library for Scraping and Testing the Web

With the advent of Single Page Applications, scraping pages for information as well as running automated user interaction tests has become much harder due to its highly dynamic nature. The solution? Headless Chrome and the Puppeteer library. While there's always been Selenium, PhantomJS and others, and despite headless Chrome and Puppeteer arriving late to the party, they make for valuable additions to the team of web testing automation tools, which allow developers to simulate interaction of real users with a web site or application. Headless Chrome is able to run without Puppeteer, as it can be programmatically controlled through the Chrome DevTools Protocol, typically invoked by attaching to a remotely running Chrome instance: chrome --headless --disable-gpu
                     --remote-debugging-port=9222 Subsequently loading the protocol's sideckick module 'chrome-remote-interface' which provides  a simple abstraction of commands and notifications using a straight…

Machine Learning Python Plugins For GIMP

The open-source raster graphics editor, GIMP, gets a big creative boost with brand new Machine Learning extensions dubbed GIMP-ML. While the aim of GIMP-ML is primarily to make some tough image processing tasks much easier using Deep Learning, the project can also claim to provide to be a victory of open source  over its closed source counterparts, even over high caliber commercial applications such as Photoshop. It benefits from the advantage of open architectures, open source and community driven effort in the extensibility of applications. With those ML extensions GIMP mixes Science and Art to bring forth some pretty magical effects - background blurring, face parsing, generative portrait modification, relighting, motion blurring and generating super-resolution images. on i-programmer