semgrep-action
semgrep-action copied to clipboard
This project is deprecated. Use https://github.com/returntocorp/semgrep instead
Even if we override `:include .gitignore` in .semgrepignore, `semgrep` itself ignores those files by default. We could run it with `semgrep --no-git-ignore` to fix this.
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.11. Release notes Sourced from actions/cache's releases. v3.0.11 What's Changed Call out cache not saved on hit by @Phantsure in actions/cache#946 Update @actions/core to 1.10.0...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.6.1 to 4.1.0. Release notes Sourced from docker/metadata-action's releases. v4.1.0 What's Changed Do not trim whitespace for sep-tags and sep-labels inputs by @crazy-max (#233) Set associated head...
While executing the semgrep in Gitlab CLI I am getting the following error. ``` === failed command's STDERR: === [ERROR] `./semgrep --skip-unknown-extensions --disable-nosem --json --autofix --dryrun --time --config /default-rules --enable-metrics...
### Security - [x] Changelog has been updated - [x] Change has no security implications (otherwise, ping the security team)
Bump Semgrep Version to 1.68.0
Bumps returntocorp/semgrep from 1.36.0 to 1.67.0. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=returntocorp/semgrep&package-manager=docker&previous-version=1.36.0&new-version=1.67.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
Bump Semgrep Version to 1.67.0
Bump Semgrep Version to 1.66.2
Bump Semgrep Version to 1.66.1