@jd jd commented Sep 29, 2025

This lightens the dependency chain, making fewer packages to update and
install.

Copilot AI review requested due to automatic review settings September 29, 2025 11:52
Copilot AI left a comment

Pull Request Overview

This PR removes the semgrep dependency from Python's package dependencies and moves semgrep execution to a separate CI job using a Docker container. This change reduces the Python dependency chain while maintaining semgrep functionality through containerization.

  • Removed semgrep from pyproject.toml dependencies
  • Updated poe task to use external script instead of direct semgrep command
  • Added dedicated semgrep CI job using Docker container
  • Updated Mergify configuration to include semgrep check

Reviewed Changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| pyproject.toml | Removes semgrep from Python development dependencies |
| poe.toml | Updates semgrep task to use external tools/semgrep script |
| .mergify.yml | Adds semgrep check requirement for merge queue |
| .github/workflows/ci.yaml | Adds dedicated semgrep job using Docker container |

mergify bot commented Sep 29, 2025

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟢 Changelog requirements

Wonderful, this rule succeeded.
  • any of:
    • -title ~= ^feat
    • label = need changelog
    • label = skip changelog

🟢 Enforce conventional commit

Wonderful, this rule succeeded.

Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/

  • title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert)(?:\(.+\))?:

🟢 🔎 Reviews

Wonderful, this rule succeeded.
  • #changes-requested-reviews-by = 0
  • #review-requested = 0
  • #review-threads-unresolved = 0

@mergify mergify bot requested a review from a team September 29, 2025 11:53
This lightens the dependency chain, making fewer packages to update and
install.

Change-Id: I771475ff87dac4cb1d872c379327ccae0082701a
@jd jd force-pushed the devs/jd/remove-semgrep/I771475ff87dac4cb1d872c379327ccae0082701a branch from a03100b to f4cc6f7 Compare September 29, 2025 12:07
@mergify mergify bot merged commit cd2345a into main Sep 29, 2025
15 checks passed
@mergify mergify bot removed the queued label Sep 29, 2025
@mergify mergify bot deleted the devs/jd/remove-semgrep/I771475ff87dac4cb1d872c379327ccae0082701a branch September 29, 2025 13:33