ci: move semgrep rules out of repo (#28067)

Moving semgrep rules out of repos as it's unnecessary to maintain same ruleset for different repos and different branches.
2026-04-13 03:45:08 +00:00 · 2021-10-22 21:43:50 +05:30
parent 2bdaf7bb23
commit cc1baae5eb
14 changed files with 4 additions and 570 deletions
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -19,10 +19,13 @@ jobs:
      - name: Install and Run Pre-commit
        uses: pre-commit/action@v2.0.3

+      - name: Download Semgrep rules
+        run: git clone --depth 1 https://github.com/frappe/frappe-semgrep-rules.git
+
      - uses: returntocorp/semgrep-action@v1
        env:
            SEMGREP_TIMEOUT: 120
        with:
            config: >-
              r/python.lang.correctness
-              .github/helper/semgrep_rules
+              ./frappe-semgrep-rules/rules