From 4ac82f46ed2ece865aadbf7b26452643599e2864 Mon Sep 17 00:00:00 2001
From: Naomi Carrigan
Date: Thu, 11 Dec 2025 12:16:02 -0800
Subject: [PATCH] feat: install semgrep

---
 .gitea/workflows/security.yml | 21 +++++++++------------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/.gitea/workflows/security.yml b/.gitea/workflows/security.yml
index a89a224..87fd31b 100644
--- a/.gitea/workflows/security.yml
+++ b/.gitea/workflows/security.yml
@@ -58,20 +58,17 @@ jobs:
 cat trivy-results.txt
 fi
 
+ - name: Install Semgrep
+ run: python3 -m pip install semgrep
+
 # Static code analysis with Semgrep
 - name: Run Semgrep static analysis
- uses: returntocorp/semgrep-action@v1
- with:
- config: >-
- p/security-audit
- p/owasp-top-ten
- p/ci
- p/security
- generateSarif: '1'
- outputFormat: 'text'
- outputFile: 'semgrep-results.txt'
- # Fail on any finding
- error: 'true'
+ run: |
+ semgrep --config p/security-audit \
+ --config p/owasp-top-ten \
+ --config p/ci \
+ --config p/security \
+ . > semgrep-results.txt
 
 # Display Semgrep results
 - name: Display Semgrep scan results
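Review bot: The new `semgrep --config ... . > semgrep-results.txt` command drops the gate that the removed `error: 'true'` ("Fail on any finding") provided: without `--error`, a Semgrep scan exits 0 even when it reports findings, so this step passes unless a later step outside this hunk inspects `semgrep-results.txt` and fails the job. Adding `--error \` on the line before the `.` target restores the failing behaviour; the display step that follows would then have to run on failure for the results to still be printed, which the hunk does not show. The install step `python3 -m pip install semgrep` also takes whatever release is latest at run time, so pinning it (`python3 -m pip install semgrep==<PINNED_VERSION>`) keeps the scanner reproducible and limits exposure to a bad upstream release. The removed `generateSarif: '1'` has no replacement either, which matters if SARIF output is consumed elsewhere in the pipeline.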