Semgrep is optional, action QA

ajinabraham · Nov 14, 2024 · ed4476c · ed4476c
1 parent 56ebeaf
commit ed4476c
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 7 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.2.2
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -10,9 +10,9 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4.2.2
     - name: Set up Python
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@v5.3.0
       with:
         python-version: '3.x'
     - name: Install dependencies

diff --git a/.github/workflows/python_test.yml b/.github/workflows/python_test.yml
@@ -19,9 +19,9 @@ jobs:
         python-version: ['3.10', '3.11', '3.12']
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4.2.2
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@v5.3.0
       with:
         python-version: ${{ matrix.python-version }}
     - name: Install dependencies
@@ -33,7 +33,7 @@ jobs:
         tox -e lint
     - name: Install libsast
       run: |
-        poetry install --no-interaction --no-ansi
+        poetry install --no-interaction --no-ansi --with semgrep
     - name: Bandit Scan
       run: |
         poetry run bandit -ll libsast -r

diff --git a/README.md b/README.md
@@ -17,7 +17,10 @@ Made with ![Love](https://cloud.githubusercontent.com/assets/4301109/16754758/82
 
 ## Install
 
-`pip install libsast`
+```bash
+pip install semgrep==1.86.0 #For semgrep support
+pip install libsast
+```
 
 Pattern Matcher is cross-platform, but Semgrep supports only Mac and Linux.