Original Post: Releasing Semgrep 1.0
The content announces the release of Semgrep 1.0, a significant milestone after nearly three years of development and 123 pre-release versions. Semgrep has proven stable, robust, and widely used, with over 10 million Docker pulls. It aims to keep its rule syntax and CLI stable, ensuring backward compatibility similar to languages like Java.
The post discusses Semgrep’s departure from Semantic Versioning (SemVer), which suits libraries but not tools like Semgrep, equating it more with programming languages where major version increments introduce new features while maintaining compatibility.
Acknowledging the importance of community contributions, it highlights the maturity of features like Autofix and Generic Pattern Matching. With over 7,400 GitHub stars and spanning 25 programming languages, the post thanks numerous contributors for their support and looks forward to future developments while maintaining their core philosophy. Lastly, it emphasizes that achieving 1.0 is a testament to the principle: "Done is better than perfect."
Go here to read the Original Post