mirror of
https://github.com/meshtastic/firmware.git
synced 2025-08-26 14:45:00 +00:00
28 lines
558 B
YAML
28 lines
558 B
YAML
---
|
|
name: Semgrep Differential Scan
|
|
on: pull_request
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
semgrep-diff:
|
|
runs-on: ubuntu-24.04
|
|
container:
|
|
image: semgrep/semgrep
|
|
|
|
steps:
|
|
# step 1
|
|
- name: clone application source code
|
|
uses: actions/checkout@v5
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
# step 2
|
|
- name: differential scan
|
|
run: |
|
|
semgrep scan \
|
|
--error \
|
|
--metrics=off \
|
|
--baseline-commit ${{ github.event.pull_request.base.sha }} \
|
|
--config="p/default"
|