Commit e4a7b12

Upload semgrep report to GitHub code scanning
1 parent 2d34dbf commit e4a7b12

1 file changed

+8
-1
lines changed

.github/workflows/static-analysis.yml

Lines changed: 8 additions & 1 deletion
@@ -12,6 +12,8 @@ on:
1212
- "v*.*"
1313
- "master"
1414
- "feature/*"
15+
tags:
16+
- "*"
1517

1618
jobs:
1719
semgrep:
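
Review bot: The new `tags:` filter `- "*"` only matches tag names that contain no `/`, because `*` in a workflow filter pattern does not cross slashes. If hierarchical tag names should be scanned as well, use `"**"` instead. The commit message only mentions the report upload, so a short comment next to `tags:` saying why tag pushes need their own scan would help the next reader.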
@@ -27,4 +29,9 @@ jobs:
2729
submodules: true
2830

2931
- name: "Scan"
30-
run: semgrep scan --error
32+
run: semgrep scan --sarif-output=semgrep.sarif
33+
34+
- name: "Upload SARIF report"
35+
uses: "github/codeql-action/upload-sarif@v3"
36+
with:
37+
sarif_file: semgrep.sarif
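
Review bot: Dropping `--error` from the `run:` line of the "Scan" step means findings no longer fail the job, so the workflow stops acting as a gate and relies entirely on someone reading the code scanning results. If blocking on findings is still wanted, keep `--error` alongside `--sarif-output=semgrep.sarif` and add `if: always()` to the "Upload SARIF report" step so the report is uploaded even when the scan step fails. The upload step also needs `security-events: write`, and no `permissions:` block is visible in these hunks, so please confirm the job has it. Pinning `github/codeql-action/upload-sarif` to a full commit SHA instead of `@v3` would keep a moved tag from changing what runs here.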
