Skip to content

ci(.github)[SEC-1084]: SLSA supply chain security controls #35

ci(.github)[SEC-1084]: SLSA supply chain security controls

ci(.github)[SEC-1084]: SLSA supply chain security controls #35

Workflow file for this run

name: SAST
on:
pull_request:
branches:
- master
push:
branches:
- master
tags:
- 'v*.*.*'
workflow_dispatch: {}
permissions:
contents: read
jobs:
semgrep:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
name: Semgrep SAST
runs-on: ubuntu-latest
permissions:
# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@v4
- uses: Kong/public-shared-actions/security-actions/semgrep@23929cfda574afc77b018c51794454b6dc99ca57 # v2.2.1