Skip to main content

How to run different versions of Semgrep

Most of the time, it's best to run the latest version of Semgrep, as it has the most recent features and fixes.

However, when testing or managing upgrades, it can be helpful to run different versions of Semgrep to compare behavior.

info

If you use Semgrep with Semgrep AppSec Platform, only the latest 10 minor versions are supported.

Installation with Homebrew does not support multiple versions of Semgrep, but you can use either Pip or Docker to install different versions. In the following examples, x.y.z is a placeholder for a version string.

Running different versions using pip

Install a specific Semgrep version using pip's version syntax:

python3 -m pip install semgrep==x.y.z

Confirm installation:

semgrep --version

Then, execute Semgrep as you would normally on the command line.

Running different versions using Docker

To run a version other than latest using Docker, use the tag for the version when pulling or running the image.

To pull:

docker pull semgrep/semgrep:x.y.z

To run locally, mounting the desired source directory (/PATH/TO/SRC) for scanning:

docker run --rm -v "/PATH/TO/SRC:/src" semgrep/semgrep:x.y.z semgrep --config=auto

To run in GitHub Actions CI:

jobs:
  semgrep:
    name: semgrep/ci 
    runs-on: ubuntu-latest

    container:
      image: semgrep/semgrep:x.y.z

Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.