Skip to content

INFRA-1234 Update review_ci.yml #1474

INFRA-1234 Update review_ci.yml

INFRA-1234 Update review_ci.yml #1474

Workflow file for this run

name: Semgrep
on:
pull_request: {}
push:
branches: ["master"]
jobs:
semgrep:
name: Scan
runs-on: ubuntu-latest
# Skip any PR created by dependabot to avoid permissioning issues
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@v2
- uses: returntocorp/semgrep-action@v1
with:
auditOn: push
publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
publishDeployment: 339
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}