Merge pull request #706 from m-1-k-3/semgrep

Semgrep rule disable
e-m-b-a · Jul 17, 2023 · ac156c2 · ac156c2
2 parents 9cbe2cc + 191dbd6
commit ac156c2
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
@@ -12,12 +12,15 @@ name: Semgrep
 
 on:
   push:
-    branches: [ "master" ]
+    branches:
+      - '**'
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ "master" ]
+    branches:
+      - '**'
   schedule:
     - cron: '40 17 * * 4'
+  workflow_dispatch:
 
 permissions:
   contents: read
@@ -40,7 +43,7 @@ jobs:
       # Fetch project source with GitHub Actions Checkout.
       - uses: actions/checkout@v3
       # Run the "semgrep ci" command on the command line of the docker image.
-      - run: semgrep ci --config auto
+      - run: semgrep ci --config auto --exclude-rule yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha.third-party-action-not-pinned-to-commit-sha
         env:
            # Add the rules that Semgrep uses by setting the SEMGREP_RULES environment variable. 
            SEMGREP_RULES: p/default # more at semgrep.dev/explore