Skip to content

chore: upgrade Semgrep to latest#11

Merged
NyanKiyoshi merged 4 commits intomainfrom
chore/upgrade-semgrep
Mar 5, 2026
Merged

chore: upgrade Semgrep to latest#11
NyanKiyoshi merged 4 commits intomainfrom
chore/upgrade-semgrep

Conversation

@NyanKiyoshi
Copy link
Member

@NyanKiyoshi NyanKiyoshi commented Mar 4, 2026

Needed by #10, latest version fixes a bug with the --validate command (which causes the CI to fail). Version is also ancient thus needs upgrading

@NyanKiyoshi
chore: upgrade Semgrep to latest
b07a0b1 
Needed by #10, latest version fixes a bug with the `--validate` command (which causes the CI to fail). Version is also ancient thus needs upgrading
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 4, 2026
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 4, 2026
View reviewed changes
@NyanKiyoshi NyanKiyoshi marked this pull request as ready for review March 4, 2026 17:43
@NyanKiyoshi NyanKiyoshi requested review from a team, cmiacz, korycins and wcislo-saleor March 4, 2026 17:43
wcislo-saleor
wcislo-saleor approved these changes Mar 5, 2026
View reviewed changes
Makefile
@@ -0,0 +1,34 @@
semgrep_image ?= returntocorp/semgrep:1.153.1@sha256:50b839b576d76426efd3e5cffda2db0d8c403f53aa76e91d42ccf51485ac336c
Copy link
Member

@wcislo-saleor wcislo-saleor Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplication (image tag) but I don't see a way to avoid that.

Copy link
Member Author

@NyanKiyoshi NyanKiyoshi Mar 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I don't think there is any way to not duplicate - unless we do a yq grep, that could be a good way (but then it assumes yq is installed which is a relatively uncommon package)

@NyanKiyoshi NyanKiyoshi merged commit c13b396 into main Mar 5, 2026
7 checks passed
@NyanKiyoshi NyanKiyoshi deleted the chore/upgrade-semgrep branch March 5, 2026 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@korycins korycins korycins approved these changes

@IKarbowiak IKarbowiak IKarbowiak approved these changes

@wcislo-saleor wcislo-saleor wcislo-saleor approved these changes

@cmiacz cmiacz Awaiting requested review from cmiacz cmiacz was automatically assigned from saleor/python-guild

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@NyanKiyoshi @korycins @IKarbowiak @wcislo-saleor