---
# Source: github.com/hernad/nomad@v1.6.112/.github/workflows/semgrep.yml
#
# Runs a Semgrep scan against pull requests.
name: Semgrep

on:
  pull_request: {}
  # Skipping push for now since it would run against the entire code base.
  # push:

# Least privilege: the workflow token may only read repository contents;
# scopes that are not listed here are set to none.
permissions:
  contents: read

jobs:
  semgrep:
    name: Semgrep Scan
    runs-on: ubuntu-latest
    # Skip any PR created by dependabot to avoid permission issues.
    # NOTE(review): github.actor is the account that triggered the run, so
    # Dependabot-triggered PR runs produce no Semgrep result. If this scan is
    # a required check, confirm how skipped runs are treated.
    if: github.actor != 'dependabot[bot]'
    env:
      # Intended to turn off Semgrep metrics reporting. Quoted because
      # environment values reach the process as strings.
      SEMGREP_SEND_METRICS: '0'
    steps:
      # Both actions are pinned to a full commit SHA (the tag is kept in the
      # trailing comment), so a re-pointed tag cannot change the code that
      # runs here.
      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
      # NOTE(review): no rule/config input is set in this file, so rule
      # selection is left to the action's defaults; confirm which rules
      # actually run.
      - uses: returntocorp/semgrep-action@8689a93eca50c91f8e8cfa61e3c4fb7e96d12bf2 # v1