> ## Documentation Index
> Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
> Use this file to discover all available pages before exploring further.

#  Usage and billing

> This document provides information on how Semgrep calculates usage for billing purposes and is intended for users with paid Semgrep Code, Supply Chain, or Secrets licenses.

## Contributor definition

A **contributor** is someone who has made at least **one** commit to a Semgrep-scanned **private** repository within the last 90 days, starting from the **date of license purchase** if a license was purchased, or the date of account creation, for accounts using Semgrep within usage limits.

Any Semgrep AppSec Platform scan counts towards the contributor total. This includes:

* Scanning with Semgrep Code, Secrets, or Supply Chain
* Full scans on a repository or partial scans on a pull request or merge request

Semgrep computes contributor counts for any scan initiated by a logged-in user running `semgrep ci` or `semgrep scan`. The `semgrep scan` command is subject to the usage limit when invoked by a logged-in contributor.

<Info>
  **FREE LICENSE**

  Semgrep Code and Semgrep Supply Chain are free for organizations with **10 or fewer** monthly contributors. If your organization needs Code and Supply Chain licenses for more than 10 contributors, you must purchase **Team** licenses.
</Info>

### Contributor counts

Semgrep calculates contributor counts using information from the `git log` over a rolling 90-day period. The start date is either:

* The date of your license purchase
* The date of your account creation, if you and your team are within usage limits

Semgrep tries to exclude **bots** and other automations as much as possible. Learn more about [how Semgrep calculates contributors](/usage-and-billing/contributor-count-explained).

#### Contributor usage across multiple Semgrep organizations

If your company creates multiple Semgrep organizations, the contributor limit applies to all of them. For example, if your company creates three Semgrep organizations, each with the following number of contributors:

* Organization 1 has 8 contributors
* Organization 2 has 9 contributors
* Organization 3 has 10 contributors

Your company has 27 contributors across three organizations, so you need licenses for all 27.

#### Small teams and startup licensing

Small teams may be eligible for Semgrep's discounted startup pricing. Fill out the [<Icon icon="external-link" iconType="solid" /> startup pricing](https://semgrep.dev/contact/contact-us-startups) form to apply.

## AI credits

Each Semgrep license, regardless of plan, includes a monthly allocation of AI credits for AI-powered features.

| Plan       | AI credits per month                 |
| :--------- | :----------------------------------- |
| Free       | 60 credits per month                 |
| Team       | 20 credits per contributor per month |
| Enterprise | 50 credits per contributor per month |

If you have a **Team** or **Enterprise** plan, you can purchase additional credits as needed in increments of 10,000 credits.

Entitlement credits, or the credits that come with your Semgrep licenses, expire at the end of your contract and do *not* roll over. Credits that you purchase expire at the end of your contract, but they can be rolled over once to the following year.

### Credits required for AI actions

The following table lists the credits required for AI-powered features:

| Feature                                           | AI credits required    |
| :------------------------------------------------ | :--------------------- |
| AI-powered pull request or merge request comments | 0 credits              |
| AI analysis<sup>\*</sup>                          | 1 credit per finding   |
| AI autofix                                        | 20 credits per finding |
| AI-powered detection scanning<sup>\*\*</sup>      | Variable per scan      |

<sup>\*</sup>Includes autotriage, remediation guidance, and component tagging

<sup>\*\*</sup>AI-powered detection scans use a variable number of credits per scan. Credit use depends on scan size and complexity, so larger or more complex scans may use more credits.

## How to determine your plan needs

Within your team or organization, assess the number of **contributors**. Contributors are members of your organization who make commits. That determines the number of **licenses** needed for the plan purchase.

For example, if a project has 4 unique contributors who create commits during the billing period while Semgrep is scanning their repositories, only 4 licenses are required, even if the organization has 10 members. Contributors are counted only once, even if they commit to many projects within the same organization, so no additional licenses are required.

All members of the organization, regardless of contributor (license) status, have access to paid features for the chosen tier. This means that project managers and other non-programming roles can still view the Semgrep AppSec Platform dashboard.

### Determine AI credit requirements

Contact Semgrep if you would like assistance determining the number of credits your organization needs in a year.

## Excess usage

Semgrep scans stop if you have too many contributors. You can resume scanning by:

* Purchasing additional licenses. See \[Additional usage and reconciliation of licenses] for additional information on how these purchases affect your account.
* Waiting for the next billing cycle, which is when your usage limits reset.

If you're using a free license, Semgrep automatically starts a free trial of the **Teams** plan for you if it is the first time that you exceed your usage limits.

There are no contributor limits on public projects.

### Exceeding your AI credit allotment

If you exceed your allotment of AI credits:

* AI autotriage continues to work, but you'll be warned that you're over your credit allotment
* Both AI scans and autofixes stop
