Skip to content

github-actions(deps): bump anchore/scan-action from 4.1.2 to 5.1.0 in /security-actions/sca #365

github-actions(deps): bump anchore/scan-action from 4.1.2 to 5.1.0 in /security-actions/sca

github-actions(deps): bump anchore/scan-action from 4.1.2 to 5.1.0 in /security-actions/sca #365

Workflow file for this run

name: Semgrep
on:
pull_request: {}
push:
branches:
- master
- main
workflow_dispatch: {}
jobs:
semgrep:
name: SAST
runs-on: ubuntu-20.04
permissions:
# required for all workflows
security-events: write
# only required for workflows in private repositories
actions: read
contents: read
env:
TEST_REPOSITORY: "${{github.repository_owner}}/atc-router"
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v4
with:
repository: ${{env.TEST_REPOSITORY}}
token: ${{secrets.GITHUB_TOKEN}}
path: ${{env.TEST_REPOSITORY}}
- uses: ./security-actions/semgrep
with:
additional_config: '--config p/rust'
codeql_upload: false
fail_on_findings: false