undefined | Better HN

0 pointsleipert3y ago0 comments

I feel like the „semgrep.py“ idea is not that good, because someone could legitimately have a semgrep.py or semgrep.js or similar file which wraps semgrep.

Edit: thanks for maintaining semgrep, started using it heavily in day job and the team started writing Frontends for it.

0 comments

underyx3y ago

If someone had such a wrapper, I'd expect if it's globally available in $PATH then it'd have a more descriptive name, and if it's not in $PATH, then you'd likely run it as `python semgrep.py` or `./semgrep.py`. Does that sound right to you?

neura3y ago

Why not `semgrep-py`?

Though, as I tried to type that, I typed semgrep.py twice. The dot name really seems like a file extension, though. I'm torn.

Also, first time trying the tool and I love it!

underyx3y ago

Yeah, I don't really have a good reason, it just feels like the wrong call :/

Maybe it's that the dot makes it feel like 'variants' of 'semgrep' (even if for the wrong reason) but semgrep-py feels like an entirely distinct binary from semgrep or any other variants.

j / k navigate · click thread line to collapse

0 pointsleipert3y ago0 comments

I feel like the „semgrep.py“ idea is not that good, because someone could legitimately have a semgrep.py or semgrep.js or similar file which wraps semgrep.

Edit: thanks for maintaining semgrep, started using it heavily in day job and the team started writing Frontends for it.

0 comments

underyx3y ago

neura3y ago

Why not `semgrep-py`?

Though, as I tried to type that, I typed semgrep.py twice. The dot name really seems like a file extension, though. I'm torn.

Also, first time trying the tool and I love it!

underyx3y ago

Yeah, I don't really have a good reason, it just feels like the wrong call :/

Maybe it's that the dot makes it feel like 'variants' of 'semgrep' (even if for the wrong reason) but semgrep-py feels like an entirely distinct binary from semgrep or any other variants.

j / k navigate · click thread line to collapse