Skip to content
Semgrep

Bump @babel/runtime from 7.26.0 to 7.26.10 in /website #66

Sign in to view logs

Bump @babel/runtime from 7.26.0 to 7.26.10 in /website

Bump @babel/runtime from 7.26.0 to 7.26.10 in /website #66

Workflow file for this run

.github/workflows/semgrep.yaml at a3358de
# Name of this GitHub Actions workflow.
name: Semgrep
on:
# Scan changed files in PRs (diff-aware scanning):
pull_request:
branches: ["main"]
# Scan on-demand through GitHub Actions interface:
workflow_dispatch: {}
# Scan mainline branches and report all findings:
push:
branches: ["main"]
jobs:
semgrep_scan:
# User definable name of this GitHub Actions job.
name: semgrep/ci
# If you are self-hosting, change the following `runs-on` value:
runs-on: ubuntu-latest
container:
# A Docker image with Semgrep installed. Do not change this.
image: returntocorp/semgrep
# Skip any PR created by dependabot to avoid permission issues:
if: (github.actor != 'dependabot[bot]')
permissions:
# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read
steps:
# Fetch project source with GitHub Actions Checkout.
- name: Checkout repository
uses: actions/checkout@v3
- name: Perform Semgrep Analysis
# @NOTE: This is the actual semgrep command to scan your code.
# Modify the --config option to 'r/all' to scan using all rules,
# or use multiple flags to specify particular rules, such as
# --config r/all --config custom/rules
run: semgrep scan -q --sarif --config auto > semgrep-results.sarif
# upload the results for the CodeQL GitHub app to annotate the code
- name: Save SARIF results as artifact
uses: actions/upload-artifact@v4
with:
name: semgrep-scan-results
path: semgrep-results.sarif
# Upload SARIF file generated in previous step
- name: Upload SARIF result to the GitHub Security Dashboard
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: semgrep-results.sarif
if: always()