fix(static-analysis): fixing diff aware scanning for semgrep #45

Merged
merged 2 commits into from
Dec 17, 2024


pkanoongo
Contributor

Description:-

During testing, we identified that semgrep is not running diff-aware scans; instead, it is currently scanning the entire repo. As per the semgrep diff-aware documentation, our current setup might be failing because diff-aware scanning requires a baseline reference to compare against the branch head. As part of this fix, we are dynamically determining the baseline branch for each repository for semgrep to compare against. Creating this branch to test and confirm the fix.

Fixes:-
/static-analysis/semgrep/action.yaml.
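
The description above says diff-aware scanning needs a baseline reference and that the fix determines the baseline branch per repository. One way to do that in a shell step is shown here as an added example, not the code merged in this PR; it assumes a remote named `origin`, and the function names and the `RUN_SEMGREP` switch are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: resolve the baseline for a Semgrep diff-aware scan.
# Function names are hypothetical; this is not the project's action.yaml.

# Print the remote-tracking ref to diff against.
resolve_baseline_ref() {
  # On pull_request events GitHub Actions sets GITHUB_BASE_REF to the target branch.
  if [ -n "${GITHUB_BASE_REF:-}" ]; then
    printf 'origin/%s\n' "$GITHUB_BASE_REF"
    return 0
  fi
  # Otherwise use the remote's default branch (origin/HEAD -> origin/<default>).
  local ref
  ref=$(git symbolic-ref --quiet --short refs/remotes/origin/HEAD 2>/dev/null) || {
    echo "cannot determine default branch; run: git remote set-head origin --auto" >&2
    return 1
  }
  printf '%s\n' "$ref"
}

# Print the commit where HEAD forked from the baseline ref.
baseline_commit() {
  local ref=$1 commit
  git rev-parse --verify --quiet "${ref}^{commit}" >/dev/null || {
    echo "baseline ref '$ref' not fetched" >&2
    return 2
  }
  # In a shallow clone the common ancestor may be missing, so fail loudly
  # instead of letting the scan silently cover the whole repository.
  commit=$(git merge-base "$ref" HEAD) || {
    echo "no merge base with '$ref'; fetch full history (e.g. fetch-depth: 0)" >&2
    return 3
  }
  printf '%s\n' "$commit"
}

run_diff_aware_scan() {
  local ref commit
  ref=$(resolve_baseline_ref) || return
  commit=$(baseline_commit "$ref") || return
  echo "semgrep baseline: $ref @ $commit"
  semgrep ci --baseline-commit "$commit"
}

# Scan only when RUN_SEMGREP=1 (assumed switch), so sourcing has no side effects.
if [ "${RUN_SEMGREP:-0}" = 1 ]; then
  run_diff_aware_scan
fi
```

Logging the resolved ref and commit makes it easy to confirm from the job output that the scan was diff-aware rather than a full-repository scan.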

@pkanoongo
Contributor Author

No need to review or approve. Testing the fix on this branch.

@pkanoongo pkanoongo marked this pull request as ready for review December 10, 2024 20:42
@pkanoongo pkanoongo requested a review from a team as a code owner December 10, 2024 20:42
Contributor

@prathamesh16c prathamesh16c left a comment

Small updates -

  • Please can we squash all commits into one
  • make this a feat since we are resuming checks again.

@pkanoongo pkanoongo force-pushed the semgrep_diffaware_fix branch from 6188872 to 022ebff Compare December 17, 2024 17:53
fix(static-analysis): fixing the failed checks

fix(static-analysis): fixing the failed checks regarding gh token

fix(static-analysis): fixing the failed checks

fix(static-analysis): fixing the failed checkss

fix(static-analysis): fixing the failed checkp

fix(static-analysis): fixing the failed checkp format

fix(static-anaysis): testing fix as suggested by semgrep team

fix(static-anaysis): testing fix as suggested by semgrep team adding fetch depth

fix(static-anaysis): testing fix as suggested by semgrep team adding fetch depth

fix(static-anaysis): testing fix as suggested by semgrep team adding fetch depth

fix(static-anaysis): adding fix suggested by semgrep support team
@pkanoongo pkanoongo force-pushed the semgrep_diffaware_fix branch from 022ebff to de570a5 Compare December 17, 2024 19:00

Release notes preview

Below is a preview of the release notes if your PR gets merged.


2.3.0 (2024-12-17)

Features

  • static-analysis: resuming semgrep diff-aware checks (de570a5)
  • static-analysis: semgrep check unpausing (0d24aea)

Miscellaneous

  • deps: update dependency node to v18.20.4 (7d91d9b)
  • deps: update dependency node to v22 (3484024)
  • deps: update lacework/lw-scanner-action action to v1.4.3 (e6d46fa)
  • deps: update node.js to v22.12.0 (5275d96)
  • deps: update pre-commit hook alessandrojcm/commitlint-pre-commit-hook to v9.19.0 (9584d89)
  • deps: update pre-commit hook pre-commit/pre-commit-hooks to v5 (33abebe)
  • deps: update pre-commit hook rhysd/actionlint to v1.7.3 (966955d)
  • deps: update pre-commit hook rhysd/actionlint to v1.7.4 (a867114)
  • deps: update thollander/actions-comment-pull-request action to v3 (2ee40ca)

@pkanoongo
Contributor Author

All previous commits are squashed.

@pkanoongo pkanoongo merged commit c877ffb into main Dec 17, 2024
2 checks passed
@pkanoongo pkanoongo deleted the semgrep_diffaware_fix branch December 17, 2024 19:07
3 participants