SEMGREP Static Code Analysis

Very recently, the Julia team has put together about 100 rules that map formal coding standards and guidelines for Julia. These rules are now available to be applied to Julia packages and can be scanned using SEMGREP. As this is a early new feature, we are currently only providing the full set of rules to our paid customers. We can provide you the full set of rules and coding standards, have them scanned in JuliaHub's SEMGREP integration, and give you the output of the scan (on your Julia code and packages). Please contact us today if you're interested in learning more:

Static code analysis is a vital technique for modern software development, allowing us to find errors, inefficiencies, and security risks without the requirement for program execution. Semgrep, an open-source static analysis tool, has received praise for its versatility, support for a wide range of languages, and user-friendly design. We're excited to report that Semgrep now offers experimental support for Julia, a high-level, high-performance programming language developed for technical computing!

Semgrep's objective has always been to have a substantial impact on software security, regardless of the language used. Semgrep, on its way to becoming a powerful static analysis tool, now supports a variety of programming languages, including Julia. Julia's effective inclusion in Semgrep was made possible by the major efforts of Avik Sengupta from JuliaHub and Sergio Vargas.

Read More: Static Code Analysis with JuliaHub

Read Semgrep's Announcement

Except from the Blog:

We’re ecstatic to announce experimental support for the Julia language! Semgrep’s parse rate currently sits at a formidable 99.3%, which would qualify it for “beta” status on parse rate alone, which is one of the metrics we use to determine a language’s maturity. Basic Semgrep functionalities like metavariables and ellipses are also supported in the matching engine.

Read More

Semgrep in VS Code