Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆44Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆122Updated 3 months ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆119Updated last year
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆186Updated last month
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆128Updated 2 months ago
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆36Updated this week
• jtmelton / semgrep-idea-plugin
  ☆16Updated 2 years ago
• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆206Updated last week
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated this week
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆128Updated 2 months ago
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆60Updated 3 years ago
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆99Updated 11 months ago
• swinslow / npm-spdx
  Golang tool to pull and summarize NPM license info
  ☆13Updated 2 years ago
• owasp-dep-scan / depscan-bin
  Binary builds for dep-scan - The Dependency Scanner
  ☆10Updated last year
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆90Updated last year
• ScottNorberg-NCG / CodeSheriff.NET
  ☆18Updated last year
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 5 years ago
• AppThreat / atom
  atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆72Updated last month
• usnistgov / swid-tools
  ☆15Updated last week
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 5 years ago
• anchore / grype-db
  ☆54Updated last week
• disclose / dioterms
  Open-source vulnerability disclosure policy templates.
  ☆68Updated 3 years ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆40Updated 3 years ago
• RedHatProductSecurity / cvss
  CVSS2/3/4 library with interactive calculator for Python 2 and Python 3
  ☆109Updated 3 months ago
• JosephTLucas / lintML
  A security-first linter for code that shouldn't need linting
  ☆16Updated 2 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆80Updated 11 months ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆94Updated last year
• htrgouvea / zarn
  A lightweight static security analysis tool for modern Perl Apps
  ☆49Updated 2 weeks ago