From 79ea9a13d97165b987af7044f6c4b24b86b4a9d4 Mon Sep 17 00:00:00 2001
From: Avik Sengupta <avik@sengupta.net>
Date: Thu, 7 Sep 2023 14:03:55 +0530
Subject: [PATCH 1/2] Add semgrep ci

---
 .github/workflows/semgrep.jl | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/semgrep.jl

diff --git a/.github/workflows/semgrep.jl b/.github/workflows/semgrep.jl
new file mode 100644
index 00000000..5101f7c9
--- /dev/null
+++ b/.github/workflows/semgrep.jl
@@ -0,0 +1,25 @@
+name: Semgrep
+on:
+  workflow_dispatch: {}
+  pull_request: {}
+  push:
+    branches:
+      - main
+      - master
+    paths:
+      - .github/workflows/semgrep.yml
+  schedule:
+    # random HH:MM to avoid a load spike on GitHub Actions at 00:00
+    - cron: '3 5 * * *'
+jobs:
+  semgrep:
+    name: semgrep/ci
+    runs-on: ubuntu-20.04
+    env:
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      - uses: actions/checkout@v3
+      - run: semgrep ci

From ecd4f6274c88fef76e0e535bf994429c3cd6230b Mon Sep 17 00:00:00 2001
From: Avik Sengupta <avik@sengupta.net>
Date: Thu, 7 Sep 2023 14:06:05 +0530
Subject: [PATCH 2/2] Correct name to yml

---
 .github/workflows/{semgrep.jl => semgrep.yml} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .github/workflows/{semgrep.jl => semgrep.yml} (100%)

diff --git a/.github/workflows/semgrep.jl b/.github/workflows/semgrep.yml
similarity index 100%
rename from .github/workflows/semgrep.jl
rename to .github/workflows/semgrep.yml