Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
align-left

GitHub Action

semgrep-action

v0.4

semgrep-action

align-left

semgrep-action

Easily detect and prevent bugs and anti-patterns in your codebase

Installation

Copy and paste the following snippet into your .yml file.

              

- name: semgrep-action

uses: semgrep/semgrep-action@v0.4

Learn more about this action in semgrep/semgrep-action

Choose a version

semgrep action

This action runs semgrep and returns the output

Inputs

config

The config file|directory|yaml_url|tar|url|registry_name.

output

The output arg file|url

targets

The target(s) to scan

error

If true will exit 1 which will break the build.

Outputs

output

The output of semgrep

Example usage

Put in .github/workflows/semgrep.yml

name: semgrep

on: [push]

jobs:
  self_test:
    runs-on: ubuntu-latest
    name: A job to run semgrep
    steps:
      - uses: actions/checkout@v2
      - name: semgrep action step
        id: semgrep
        uses: returntocorp/semgrep-action@develop
        with:
          config: tests/self_test.yml
          targets: tests'
      - name: Get the output from semgrep
        run: echo "semgrep ${{ steps.semgrep.outputs.output }}"