From 46d304bb2ef9f80965ec4b3634769e42d235c2b3 Mon Sep 17 00:00:00 2001 From: Aravind Kumar Date: Fri, 17 May 2024 20:38:45 +0530 Subject: [PATCH] sast-scan.yml --- .github/workflows/sast-scan.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/workflows/sast-scan.yml diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml new file mode 100644 index 0000000..3b9521a --- /dev/null +++ b/.github/workflows/sast-scan.yml @@ -0,0 +1,11 @@ +name: SAST Scan +on: + pull_request: + types: [opened, synchronize, reopened] +jobs: + security-sast: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Semgrep Scan + run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto \ No newline at end of file