build(deps): bump the all group with 23 updates #1796
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: "Semgrep checks" | |
| "on": | |
| pull_request: | |
| push: | |
| jobs: | |
| semgrep: | |
| name: "Run Semgrep" | |
| runs-on: ubuntu-latest | |
| container: | |
| # A Docker image with Semgrep installed. Do not change this. | |
| image: returntocorp/semgrep | |
| # Skip any PR created by dependabot to avoid permission issues: | |
| if: (github.actor != 'dependabot[bot]') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v2 | |
| with: | |
| just-version: 1.5.0 # optional semver specification, otherwise latest | |
| - name: Run semgrep | |
| run: | | |
| ./semgrep.sh | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v5 | |
| if: success() || failure() | |
| # always run even if the previous step fails | |
| with: | |
| check_name: Semgrep Checks | |
| report_paths: 'results.xml' |