[leipert]

I feel like the „semgrep.py“ idea is not that good, because someone could legitimately have a semgrep.py or semgrep.js or similar file which wraps semgrep.

Edit: thanks for maintaining semgrep, started using it heavily in day job and the team started writing Frontends for it.

[underyx]

If someone had such a wrapper, I'd expect if it's globally available in $PATH then it'd have a more descriptive name, and if it's not in $PATH, then you'd likely run it as `python semgrep.py` or `./semgrep.py`. Does that sound right to you?

[neura]

Why not `semgrep-py`?

Though, as I tried to type that, I typed semgrep.py twice. The dot name really seems like a file extension, though. I'm torn.

Also, first time trying the tool and I love it!

[underyx]

Yeah, I don't really have a good reason, it just feels like the wrong call :/

Maybe it's that the dot makes it feel like 'variants' of 'semgrep' (even if for the wrong reason) but semgrep-py feels like an entirely distinct binary from semgrep or any other variants.