Baseline Comparison And Incremental Scanning

via “incremental scanning with baseline comparison and delta reporting”

AI-powered static analysis for security.

Unique: Implements baseline comparison at the Python CLI layer by storing and comparing JSON scan results, enabling incremental reporting without requiring the OCaml engine to maintain state. This design allows flexible baseline sources (local files, semgrep.dev API, git history) while keeping the core scanning engine stateless.

vs others: Simpler than tools requiring full codebase re-analysis (like some SAST tools) because it compares results rather than re-running analysis; more practical than git-diff-based filtering because it handles line number shifts and can detect moved findings.

Static analysis — custom rules for bugs and security, 30+ languages, AI-powered triage.

Unique: Compares current findings against baseline to report only new issues, with deduplication and status tracking, enabling practical incremental scanning in CI/CD without reporting pre-existing issues

vs others: More practical than reporting all findings on every commit; more efficient than re-analyzing unchanged code; enables focus on newly introduced issues