mirror of
				https://github.com/meshtastic/firmware.git
				synced 2025-10-25 06:12:48 +00:00 
			
		
		
		
	![renovate[bot]](/assets/img/avatar_default.png) e98da27446
			
		
	
	
		e98da27446
		
			
		
	
	
	
		
			
	
		
	
	
		
			Some checks are pending
		
		
	
	CI / setup (check) (push) Waiting to run
				
			CI / setup (esp32) (push) Waiting to run
				
			CI / setup (esp32c3) (push) Waiting to run
				
			CI / setup (esp32c6) (push) Waiting to run
				
			CI / setup (esp32s3) (push) Waiting to run
				
			CI / setup (nrf52840) (push) Waiting to run
				
			CI / setup (rp2040) (push) Waiting to run
				
			CI / setup (stm32) (push) Waiting to run
				
			CI / check (push) Blocked by required conditions
				
			CI / build-esp32 (push) Blocked by required conditions
				
			CI / build-esp32-s3 (push) Blocked by required conditions
				
			CI / build-esp32-c3 (push) Blocked by required conditions
				
			CI / build-esp32-c6 (push) Blocked by required conditions
				
			CI / build-nrf52 (push) Blocked by required conditions
				
			CI / build-rpi2040 (push) Blocked by required conditions
				
			CI / build-stm32 (push) Blocked by required conditions
				
			CI / build-debian-src (push) Waiting to run
				
			CI / package-pio-deps-native-tft (push) Waiting to run
				
			CI / test-native (push) Waiting to run
				
			CI / docker-debian-amd64 (push) Waiting to run
				
			CI / docker-alpine-amd64 (push) Waiting to run
				
			CI / docker-debian-arm64 (push) Waiting to run
				
			CI / docker-debian-armv7 (push) Waiting to run
				
			CI / after-checks (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32c3) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32c6) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32s3) (push) Blocked by required conditions
				
			CI / gather-artifacts (nrf52840) (push) Blocked by required conditions
				
			CI / gather-artifacts (rp2040) (push) Blocked by required conditions
				
			CI / gather-artifacts (stm32) (push) Blocked by required conditions
				
			CI / release-artifacts (push) Blocked by required conditions
				
			CI / release-firmware (esp32) (push) Blocked by required conditions
				
			CI / release-firmware (esp32c3) (push) Blocked by required conditions
				
			CI / release-firmware (esp32c6) (push) Blocked by required conditions
				
			CI / release-firmware (esp32s3) (push) Blocked by required conditions
				
			CI / release-firmware (nrf52840) (push) Blocked by required conditions
				
			CI / release-firmware (rp2040) (push) Blocked by required conditions
				
			CI / release-firmware (stm32) (push) Blocked by required conditions
				
			Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
		
			
				
	
	
		
			28 lines
		
	
	
		
			558 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			28 lines
		
	
	
		
			558 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| name: Semgrep Differential Scan
 | |
| on: pull_request
 | |
| 
 | |
| permissions: read-all
 | |
| 
 | |
| jobs:
 | |
|   semgrep-diff:
 | |
|     runs-on: ubuntu-24.04
 | |
|     container:
 | |
|       image: semgrep/semgrep
 | |
| 
 | |
|     steps:
 | |
|       # step 1
 | |
|       - name: clone application source code
 | |
|         uses: actions/checkout@v4
 | |
|         with:
 | |
|           fetch-depth: 0
 | |
| 
 | |
|       # step 2
 | |
|       - name: differential scan
 | |
|         run: |
 | |
|           semgrep scan \
 | |
|             --error \
 | |
|             --metrics=off \
 | |
|             --baseline-commit ${{ github.event.pull_request.base.sha }} \
 | |
|             --config="p/default"          
 |