semgrep

PyPI v1.159.0

10,520,610 weekly downloads · 27 Dependencies

Recently published · Many dependencies (20+)

Source data as of:

Summary

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Install: pip install semgrep

Registry values

Reproduced verbatim from the official registry, with the source named on each value.

Weekly downloads: 10,520,610. Source: PyPI (Python Package Index)
Releases: 337. Last release: 2026-04-10. Source: PyPI (Python Package Index)
Dependencies: 27. Source: PyPI (Python Package Index)

Description

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Registry-supplied description, cleaned to plain text. Source: PyPI (Python Package Index).

Package details

Package: semgrep
Registry: PyPI
Version: 1.159.0
Weekly downloads: 10,520,610 (weekly)
Dependencies: 27: attrs, boltons~, click-option-group~, click~, colorama~, exceptiongroup~, glom, jsonschema~, mcp, opentelemetry-api~, opentelemetry-sdk~, opentelemetry-exporter-otlp-proto-http~, opentelemetry-instrumentation-requests~, opentelemetry-instrumentation-threading~, packaging, peewee~, pyjwt, requests~, rich, ruamel.yaml, ruamel.yaml.clib, semantic-version~, tomli~, typing-extensions~, urllib3~, wcmatch~, pywin32
Releases: 337
Last release: 2026-04-10
First published: 2020-05-06
Repository: https://github.com/semgrep/semgrep

Why a field shows "—": A dash means the value is not published by the source registry for that package. Quanteta never fills in a guessed value — a missing field stays blank.

Derived indices (computation method published)

Quanteta-computed from the registry values below. This is a derived index, not a measured registry metric. See the formula on the Data & Sources page.

Q-Vitality (Quanteta): 68.7 / 100. Maintenance activity index (release cadence + download level).
Q-Trust (Quanteta): 7.3 / 100. Adoption / stability index (community size + download stability + age).
Q-Risk (Quanteta): 43.8 / 100. Dependency-surface index. Higher = more risk factors detected.
