semgrep-action
semgrep-action copied to clipboard
semgrep
This project is deprecated. Use https://github.com/returntocorp/semgrep instead
Even if we override `:include .gitignore` in .semgrepignore, `semgrep` itself ignores those files by default. We could run it with `semgrep --no-git-ignore` to fix this.
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.11. Release notes Sourced from actions/cache's releases. v3.0.11 What's Changed Call out cache not saved on hit by @Phantsure in actions/cache#946 Update @actions/core to 1.10.0...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.6.1 to 4.1.0. Release notes Sourced from docker/metadata-action's releases. v4.1.0 What's Changed Do not trim whitespace for sep-tags and sep-labels inputs by @crazy-max (#233) Set associated head...
While executing the semgrep in Gitlab CLI I am getting the following error. ``` === failed command's STDERR: === [ERROR] `./semgrep --skip-unknown-extensions --disable-nosem --json --autofix --dryrun --time --config /default-rules --enable-metrics...
### Security - [x] Changelog has been updated - [x] Change has no security implications (otherwise, ping the security team)
![semgrep-ci[bot] avatar](https://avatars.githubusercontent.com/u/29760937?v=4 "semgrep-ci[bot] avatar"){kind=avatar}
Bumps returntocorp/semgrep from 1.36.0 to 1.67.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...