| Ankush Menat | 67e6472 | 2021-04-16 21:44:49 +0530 | [diff] [blame] | 1 | name: Semgrep |
| 2 | |
| 3 | on: |
| 4 | pull_request: |
| 5 | branches: |
| 6 | - develop |
| 7 | jobs: |
| 8 | semgrep: |
| 9 | name: Frappe Linter |
| 10 | runs-on: ubuntu-latest |
| 11 | steps: |
| 12 | - uses: actions/checkout@v2 |
| 13 | - name: Setup python3 |
| 14 | uses: actions/setup-python@v2 |
| 15 | with: |
| 16 | python-version: 3.8 |
| 17 | - name: Run semgrep |
| 18 | run: | |
| 19 | python -m pip install -q semgrep |
| 20 | git fetch origin $GITHUB_BASE_REF:$GITHUB_BASE_REF -q |
| 21 | files=$(git diff --name-only --diff-filter=d $GITHUB_BASE_REF) |
| 22 | [[ -d .github/helper/semgrep_rules ]] && semgrep --severity ERROR --config=.github/helper/semgrep_rules --quiet --error $files |
| 23 | semgrep --config="r/python.lang.correctness" --quiet --error $files |
| 24 | [[ -d .github/helper/semgrep_rules ]] && semgrep --severity WARNING --severity INFO --config=.github/helper/semgrep_rules --quiet $files |