Package Details: semgrep-bin 1.124.0-1

Git Clone URL: https://aur.archlinux.org/semgrep-bin.git (read-only, click to copy)
Package Base: semgrep-bin
Description: Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Upstream URL: https://github.com/returntocorp/semgrep
Keywords: code grep
Licenses: LGPL-2.1-only
Provides: semgrep
Submitter: aloxaf
Maintainer: ejedev
Last Packager: ejedev
Votes: 8
Popularity: 0.104832
First Submitted: 2020-05-23 02:08 (UTC)
Last Updated: 2025-06-08 03:15 (UTC)

Latest Comments

« First ‹ Previous 1 2 3 4

dkasak commented on 2021-01-19 12:47 (UTC)

@aloxaf, the latest version failed to build for me with yay. I then cloned the repository and tried running makepkg directly but it failed again:

[...]

running egg_info
writing semgrep.egg-info/PKG-INFO
writing dependency_links to semgrep.egg-info/dependency_links.txt
writing entry points to semgrep.egg-info/entry_points.txt
writing requirements to semgrep.egg-info/requires.txt
writing top-level names to semgrep.egg-info/top_level.txt
reading manifest file 'semgrep.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'semgrep.egg-info/SOURCES.txt'
copying semgrep/rule_schema.yaml -> build/lib/semgrep
chmod: cannot access 'build/lib/semgrep/bin/semgrep-core': No such file or directory
chmod: cannot access 'build/lib/semgrep/bin/spacegrep': No such file or directory
==> ERROR: A failure occurred in build().
    Aborting...

I then did some manual mucking around in the pkg dir after which the makepkg succeeded. I'm not sure what made it succeed, but one of the things I did was to copy semgrep-core and spacegrep from $srcdir/semgrep-files to $srcdir/semgrep-0.37.0/semgrep/bin manually.

TL;DR: The package doesn't build cleanly as it stands and I think you might have missed it because you did a manual step like me before.

aloxaf commented on 2020-11-10 14:04 (UTC)

@dkasak

Thanks. They are now removed.

dkasak commented on 2020-11-10 13:39 (UTC)

@aloxaf, the conflict with the python-hypothesis package is still present in the new version of the package. I guess it's an upstream packaging error; it's a bit weird to use a non-namespaced tests package.

Perhaps you could just delete everything under /usr/lib/python3.8/site-packages/tests from this package as a workaround, given that it appears it's just test code?

dkasak commented on 2020-10-24 07:52 (UTC)

There's a conflict with python-hypothesis happening now:

python-hypothesis: /usr/lib/python3.8/site-packages/tests/__init__.py exists in filesystem (owned by semgrep-bin)
python-hypothesis: /usr/lib/python3.8/site-packages/tests/__pycache__/__init__.cpython-38.opt-1.pyc exists in filesystem (owned by semgrep-bin)
python-hypothesis: /usr/lib/python3.8/site-packages/tests/__pycache__/__init__.cpython-38.pyc exists in filesystem (owned by semgrep-bin)
python-hypothesis: /usr/lib/python3.8/site-packages/tests/__pycache__/conftest.cpython-38.opt-1.pyc exists in filesystem (owned by semgrep-bin)
python-hypothesis: /usr/lib/python3.8/site-packages/tests/__pycache__/conftest.cpython-38.pyc exists in filesystem (owned by semgrep-bin)
python-hypothesis: /usr/lib/python3.8/site-packages/tests/conftest.py exists in filesystem (owned by semgrep-bin)

Also, 0.28.0 is out.

dkasak commented on 2020-09-19 15:19 (UTC)

It's working great, thanks a lot!

aloxaf commented on 2020-09-19 14:52 (UTC)

@dkasak Thanks again!

How about now?

dkasak commented on 2020-09-19 12:30 (UTC)

@aloxaf Unfortunately, I just realized this doesn't fix the issue.

The problem is that semgrep is actually semgrep-core + the semgrep Python package from PyPI. Both are needed for semgrep to work correctly, as the Python package actually provides semgrep, the high-level user-facing CLI tool. Yet upstream releases seem to only package semgrep-core in the Github releases.

This means this package is not a correct package for semgrep currently. If you'd like some help, I can try to throw together a correct PKGBUILD when I get the time, unless you get to it sooner.

aloxaf commented on 2020-09-15 11:47 (UTC)

@dkasak Fixed. Thanks for reporting.

dkasak commented on 2020-09-11 13:29 (UTC)

The file /usr/bin/semgrep installed by the package is a broken symlink to a non-existent file /usr/lib/semgrep-files/semgrep.

« First ‹ Previous 1 2 3 4