feat: install semgrep
Security Scan / Trivy Security Scan (push) Has been cancelled

2025-12-11 12:16:02 -08:00
parent 7ca402cc2b
commit 4ac82f46ed
+9 -12
@@ -58,20 +58,17 @@ jobs:
cat trivy-results.txt cat trivy-results.txt
fi fi
- name: Install Semgrep
run: python3 -m pip install semgrep
# Static code analysis with Semgrep # Static code analysis with Semgrep
- name: Run Semgrep static analysis - name: Run Semgrep static analysis
uses: returntocorp/semgrep-action@v1 run: |
with: semgrep --config p/security-audit \
config: >- --config p/owasp-top-ten \
p/security-audit --config p/ci \
p/owasp-top-ten --config p/security \
p/ci . > semgrep-results.txt
p/security
generateSarif: '1'
outputFormat: 'text'
outputFile: 'semgrep-results.txt'
# Fail on any finding
error: 'true'
# Display Semgrep results # Display Semgrep results
- name: Display Semgrep scan results - name: Display Semgrep scan results
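Review bot: The rewritten `Run Semgrep static analysis` step loses the fail-on-finding gate that the removed `error: 'true'` setting provided. A plain `semgrep --config …` scan exits 0 when it reports findings unless `--error` is passed, so the job would most likely go green with findings sitting in `semgrep-results.txt`. Add `--error \` after `--config p/security \` if the build is still meant to fail on findings. The new `Install Semgrep` step also pulls whatever version is latest on each run; pinning it, e.g. `run: python3 -m pip install 'semgrep==<PINNED_VERSION>'`, keeps the scanner reproducible and narrows the supply-chain exposure. The `Display Semgrep scan results` step continues outside the hunk, so confirm it runs with `if: always()`; otherwise a failing scan would skip the step that prints the results.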