Custom action to run Semgrep and output results in GitHub Annotations format.
# .github/workflows/semgrep.yml
name: semgrep
on:
pull_request:
jobs:
run:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: r7kamura/semgrepper@v0
--config
option value for semgrep ci
.
- optional
- default:
.semgrep
- Put your config file under this directory (e.g.
.semgrep/rules.yml
)
- Put your config file under this directory (e.g.