
Switch SAST workflow from semgrep to codeql #1827

@kriswest

Description


As part of work to improve our OpenSSF scorecard result, the maintainers believe we should move from the free version of semgrep (not recognized by the OpenSSF scorecard) to CodeQL.

See the scorecard docs for details: https://github.com/ossf/scorecard/blob/76c3e11cee0b6c358ec6b328605537d2be0e8970/docs/checks.md#sast

The workflow to replace is: https://github.com/finos/FDC3/blob/main/.github/workflows/semgrep.yml
