Skip to content

Indirectly support the searching of certificates and private keys in local machine certificate stores #127

Indirectly support the searching of certificates and private keys in local machine certificate stores

Indirectly support the searching of certificates and private keys in local machine certificate stores #127

Workflow file for this run

# Name of this GitHub Actions workflow.
name: Semgrep
on:
# Option 1: Scan changed files in PRs, only report new findings (existing
# findings in the repository are ignored).
# To run on specific types of PR states (opened, reopened, etc) or particular
# paths or branches, see the following GitHub documentation:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
pull_request: {}
jobs:
semgrep:
# User definable name of this GitHub Actions job.
name: Scan
# Only change the if you are self-hosting. See also:
# https://docs.github.com/en/actions/using-jobs/choosing-the-runner-for-a-job#choosing-self-hosted-runners
runs-on: ubuntu-latest
container:
# A Docker image with Semgrep installed. Don't change this.
image: returntocorp/semgrep
# Skip any PR created by dependabot to avoid permission issues
if: (github.actor != 'dependabot[bot]')
steps:
# Fetch project source with GitHub Actions Checkout.
- uses: actions/checkout@v3
# Run the "semgrep ci" command on the command line of the docker image.
- run: semgrep ci
env:
# Option 2: Set hard-coded rulesets, viewable in logs.
SEMGREP_RULES: p/default # more at semgrep.dev/explore