Configure Semgrep to run without authentication in CI #1908
ericcornelissen merged 1 commit into main from
so we can run it for all contributions and don't depend on the availability of the Semgrep servers.
e2d540b to ea53703
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
Comparison of scan results between these changes and the current setup below. In summary, this change appears to move from Semgrep Pro to Semgrep OSS(/Community). This translates to fewer rules being applied (
Relates to #734, #1000
Summary
Reconfigure the CI to run Semgrep without auth so that we can run it for all contributions and don't depend on the availability of the Semgrep servers.