reviewdog action for semgrep - lightweight static analysis for many languages with rules that look like source code.

action-semgrep

Usage

name: reviewdog-semgrep
on: [pull_request]
jobs:
  # TODO: change `linter_name`.
  linter_name:
    name: runner / <linter_name>
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: g-wilson/action-semgrep@v1
        with:
          github_token: ${{ secrets.github_token }}
          # Change reviewdog reporter if you need [github-pr-check,github-check,github-pr-review].
          reporter: github-pr-review
          # Change reporter level if you need. GitHub Status Check won't become failure with warning.
          level: warning
          # Change filter mode if you need [added,diff_context,file,nofilter].
          filter_mode: file
          # Semgrep config string (URL, path to file, or policy)
          semgrep_config: p/gosec