Skip to content

Static code analysis #2054

Static code analysis

Static code analysis #2054

Workflow file for this run

name: Static code analysis
on:
pull_request:
types: [opened, reopened, synchronize, ready_for_review]
schedule:
# Run every day at 5am and 5pm
- cron: '0 5,17 * * *'
permissions:
contents: read
jobs:
semgrep:
name: run-semgrep
runs-on: ubuntu-20.04
container:
image: returntocorp/semgrep
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: semgrep scan --error --config auto
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}