Opengrep

The fully open source code analysis engine. Quickly analyze large code bases & fix security issues at scale. Initiated by 10 rival security orgs, Opengreps promises to advance and democratize static code security for the benefit and free use of all.
Why Opengrep?

Recently, Semgrep made changes that shifted critical features of its OSS engine and community-contributed rules behind a commercial license. While this was their decision, it left a gap for developers and organizations who believe security should be collaborative, open, and freely available. Enter Opengrep.

What makes Opengrep special
– A fully open-source static code analysis engine with no hidden features or license constraints.
– Backward compatibility with common JSON and SARIF outputs, making adoption seamless.
– Community-focused development, with contributions reviewed and accepted on merit—not tied to any single company’s commercial goals.
– Your rules won’t be locked into specific vendors, so you can take them easil