Compare Semgrep to Opengrep
What is Opengrep?
Opengrep is a fork of the Semgrep Community Edition (CE) engine, formerly known as Semgrep OSS (Semgrep Open Source).
How is Opengrep licensed?
The Opengrep engine is licensed under LGPL 2.1. This means that any copies of the Opengrep engine must include a copy of the full license text and the original copyright notice, must make available the source code when a derivative work is distributed, and such derivative works must be licensed under the same or later version of the LGPL.
What is Semgrep Community Edition (CE)?
Semgrep Community Edition is the collective name for the open source Semgrep engine (formerly known as the Semgrep OSS engine) and the collection of rules published and maintained by the Semgrep community and Semgrep, Inc.
How is Semgrep CE licensed?
The Semgrep CE engine is licensed under LGPL 2.1. This license has remained unchanged since Semgrep, Inc. began development on the Semgrep engine in early 2020.
Semgrep maintains a collection of rules written by the community and Semgrep, Inc., and they are licensed under the Semgrep Rules License. This license limits their use to internal, non-competing, and non-SaaS contexts, and explicitly limits certain commercial usage. This applies to all rules authored by Semgrep and those contributed to our public repositories.
What changed with Semgrep’s licensing in December, 2024?
The license for Semgrep's Community Edition engine remains unchanged: LGPL 2.1.
Licensing for Semgrep-maintained rules changed from Commons Clause w/ LGPL 2.1 to the Semgrep Rules License.
Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.