Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Semgrep SAST Github Action #176

Merged
merged 1 commit into from
Jul 24, 2024
Merged

Adding Semgrep SAST Github Action #176

merged 1 commit into from
Jul 24, 2024

Conversation

mohammadualam
Copy link
Contributor

As similar to sourcegraph/sourcegraph and sourcegraph/cody repo we would like to enable Semgrep SAST for this repo. This check is non-blocking and optional check for now so, you can still merge without any issues.

This Github action should execute less than a minute (~30 sec to 1 minute at max). Semgrep helps to detect security vulnerabilities in code & bad pattern by scanning through the code changes.

Why does it matter?

CI 🟢

@mohammadualam mohammadualam self-assigned this Jul 24, 2024
@mohammadualam mohammadualam merged commit f588cc3 into main Jul 24, 2024
10 checks passed
@mohammadualam mohammadualam deleted the mua/enabling-semgrep branch July 24, 2024 19:30
@mohammadualam mohammadualam requested a review from shivasurya July 24, 2024 19:30
shivasurya
shivasurya reviewed Jul 24, 2024
View reviewed changes
Copy link

@shivasurya shivasurya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved!

bevzzz pushed a commit to bevzzz/openctx that referenced this pull request Dec 12, 2024
@mohammadualam @bevzzz
Adding Semgrep SAST Github Action (sourcegraph#176)
0ad072e 
As similar to sourcegraph/sourcegraph and sourcegraph/cody repo we would
like to enable Semgrep SAST for this repo. This check is non-blocking
and optional check for now so, you can still merge without any issues.

This Github action should execute less than a minute (~30 sec to 1
minute at max). Semgrep helps to detect security vulnerabilities in code
& bad pattern by scanning through the code changes.

Why does it matter?

CI 🟢
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shivasurya shivasurya shivasurya left review comments

Assignees

@mohammadualam mohammadualam

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mohammadualam @shivasurya