96a355c53d
- Instead of installing semgrep through PyPI on every run, leverage the upstream docker image. - This should isolate us from dependency updates required to run newer versions of semgrep
14 lines
375 B
YAML
14 lines
375 B
YAML
---
|
|
executor: semgrep
|
|
steps:
|
|
- checkout
|
|
- attach_workspace:
|
|
at: .
|
|
- run:
|
|
name: Run Semgrep Rules
|
|
command: |
|
|
# Alpine images can't run the make file due to a bash requirement. Run
|
|
# semgrep explicitly here.
|
|
export PATH="$HOME/.local/bin:$PATH"
|
|
semgrep --error --include '*.go' --exclude 'vendor' -f tools/semgrep/ci .
|