macaron icon indicating copy to clipboard operation
macaron copied to clipboard
verified publisher icon oracle

build: add built-from-source semgrep dependency

Open art1f1c3R opened this issue 8 months ago • 0 comments

Summary

This PR adds support for building Semgrep from source and including it as a Macaron dependency.

Description of changes

This PR introduces a new manually-triggered GitHub action that clones the Semgrep GitHub repository for version 1.113.0 and builds the software as a python wheel package from source using the repository's supplied Docker file. This includes building from source the required OCaml binaries that are part of the package. This action publishes the built wheel as an artifact, valid for 90 days, so that the GitHub action for building the final docker image for Macaron may pull the wheel and install it inside the docker image. When this 90-day timeframe has expired, the action should then be manually triggered again, and the target run ID updated.

Checklist

  • [x] I have reviewed the contribution guide.
  • [x] My PR title and commits follow the Conventional Commits convention.
  • [x] My commits include the "Signed-off-by" line.
  • [x] I have signed my commits following the instructions provided by GitHub. Note that we run GitHub's commit verification tool to check the commit signatures. A green verified label should appear next to all of your commits on GitHub.
  • [ ] I have updated the relevant documentation, if applicable.
  • [ ] I have tested my changes and verified they work as expected.

art1f1c3R avatar May 01 '25 02:05 art1f1c3R