chore: prefer gosec for semgrep rule and turn on codeql (#3418)

pull/3435/head
Mark Collao 3 years ago committed by GitHub
parent b10a93d0e8
commit 75b4234668
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -6,7 +6,9 @@ on:
pull_request:
branches:
- 'main'
paths-ignore:
- 'website/'
jobs:
scan:
runs-on: ${{ fromJSON(vars.RUNNER_LARGE) }}
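Review bot: The `paths-ignore` entry `- 'website/'` under `pull_request` probably matches nothing, because GitHub Actions path filters are globs matched against each changed file's full path and a bare directory name with a trailing slash is not expected to cover a file such as `website/index.html`. I would write `- 'website/**'` instead. The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts. Once the filter works, check whether `scan` is a required status check, since a workflow skipped by path filtering can leave a required check pending on website-only pull requests.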

@ -14,12 +14,11 @@ repository {
plugin "semgrep" {
use_git_ignore = true
exclude = ["testing", "website"]
config = ["p/r2c-security-audit"]
exclude_rule = ["generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var"]
exclude = ["*_test.go", "website/*", "testing/*"]
config = ["p/gosec"]
}
# plugin "codeql" {
# languages = ["go"]
# }
plugin "codeql" {
languages = ["go"]
}
}
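Review bot: Replacing `config = ["p/r2c-security-audit"]` with `config = ["p/gosec"]` in the `semgrep` plugin leaves only Go rules running, and the `codeql` plugin is also limited to `languages = ["go"]`, so non-Go files in the repository would no longer be scanned by either plugin. The dropped `exclude_rule` named an HTML-template rule, which suggests such files exist outside the excluded directories; if the narrowing is intended, a comment above `config` would record it, e.g. `# Go-only rules; HTML templates and scripts are not covered by this scan`. Also confirm that `website/*` and `testing/*` match nested paths in this scanner's glob syntax, since the earlier list used bare directory names. The +/- markers are lost on this page, so the old and new sides are inferred from the hunk counts and content.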
