Commit

Add semgrep
Ryan Laddusaw committed Sep 20, 2024
1 parent ae0c0df commit 071542c
Showing 2 changed files with 29 additions and 0 deletions.
10 changes: 10 additions & 0 deletions .circleci/config.yml
Expand Up @@ -147,6 +147,15 @@ jobs:
- setup-bundler
- run: bundle exec brakeman

semgrep:
docker:
- image: returntocorp/semgrep
steps:
- checkout
- run:
name: Check code against community-provided and custom semgrep rules
command: semgrep ci --config auto

bearer:
docker:
- image: cimg/ruby:3.2
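Review bot: the `image: returntocorp/semgrep` line in the new `semgrep` job carries no tag or digest, so every CI run pulls whatever the registry currently serves by default and the scanner version can change without any commit in this repository. Pin it to a specific version tag or an `@sha256:` digest, as the `bearer` job does with `cimg/ruby:3.2`. Separately, the step name says "community-provided and custom semgrep rules" while the command passes only `--config auto`; if custom rules are meant to run, add a second `--config` pointing at them, otherwise drop "custom" from the name.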
Expand All @@ -163,6 +172,7 @@ workflows:
jobs:
- bearer
- build
- semgrep
- rubocop:
requires:
- build
19 changes: 19 additions & 0 deletions .semgrepignore
@@ -0,0 +1,19 @@
# Common large paths
node_modules/
vendor/
*.min.js
spec/

# Semgrep rules folder
.semgrep

# Semgrep-action log folder
.semgrep_logs/

# Tickets to remediate these rules and remove from this list
config/
# https://github.com/pulibrary/lib_jobs/issues/847
app/models/
# https://github.com/pulibrary/lib_jobs/issues/848
app/controllers/
# https://github.com/pulibrary/lib_jobs/issues/849
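Review bot: the last block ignores `config/`, `app/models/` and `app/controllers/` as whole directories, which takes the application's models, controllers and configuration out of the scan entirely, including for rules that have nothing to do with the three tickets. Since the heading says the tickets are about remediating specific rules, consider excluding those rules instead (for example with `--exclude-rule` on the `semgrep ci` command, or `# nosemgrep` on the affected lines) so new findings in these directories are still reported. The ticket comments are also placed after the path they refer to, while every other comment in the file precedes its entry, so `config/` reads as if it has no ticket and issue 849 as if it has no path; move each URL above its path.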
