Skip to content

chore(deps): update dependency semgrep to ~=1.97.0 #1590

chore(deps): update dependency semgrep to ~=1.97.0

chore(deps): update dependency semgrep to ~=1.97.0 #1590

Workflow file for this run

name: full-loop
on:
workflow_dispatch:
push:
branches: [main]
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches: [main]
permissions:
contents: read
jobs:
full-loop:
name: full-loop
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- uses: ./actions/main
name: Run action on full security-action repo
id: action
with:
debug: true
github_token: ${{ secrets.GITHUB_TOKEN }}
baseline_scan_only: false
gh_to_slack_user_map: ${{ secrets.GH_TO_SLACK_USER_MAP }}
- run: |
set -e
if ((${{ fromJson(steps.action.outputs.reviewdog-findings) }} < 106)); then
echo "Too few reviewdog findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.safesvg-count) }} < 2)); then
echo "Too few safesvg findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.tfsec-count) }} < 4)); then
echo "Too few tfsec findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.semgrep-count) }} < 97)); then
echo "Too few semgrep findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.sveltegrep-count) }} < 3)); then
echo "Too few sveltegrep findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.npm-audit-count) }} < 3)); then
echo "Too few npm-audit findings"
exit 1
fi
if ((${{ fromJson(steps.action.outputs.pip-audit-count) }} < 2)); then
echo "Too few pip-audit findings"
exit 1
fi
shell: bash
name: Check number of findings