From fce182f1a77cd8f0d0780aeacc0fdc81d69b5607 Mon Sep 17 00:00:00 2001
From: Jonathan Styles
Date: Tue, 26 Mar 2024 13:48:27 -0400
Subject: [PATCH] Semgrep - Upload sarif to github security

---
 .github/workflows/semgrep.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 64bc164..7c5544a 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -31,4 +31,12 @@ jobs:
 # Fetch project source with GitHub Actions Checkout.
 - uses: actions/checkout@v3
 # Run the "semgrep scan" command on the command line of the docker image.
- - run: semgrep scan --config auto
+ - run: semgrep scan --config auto --sarif > findings.sarif
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ # Path to SARIF file relative to the root of the repository
+ sarif_file: findings.sarif
+ # Optional category for the results
+ # Used to differentiate multiple results for one commit
+ category: semgrep-oss
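Review bot: The `Upload SARIF file` step is skipped in exactly the case it exists for, because `semgrep scan` returns a non-zero exit status when it reports findings and the default step condition then stops the job before the upload runs; add `if: always()` to the upload step so findings.sarif reaches the Security tab whether or not the scan step fails. The `upload-sarif` action also needs `permissions: security-events: write` on the job or workflow, and the job header is outside this hunk, so confirm that grant exists (without it the upload fails with a 403). Since the scan now writes its stdout to a file, consider noting in the step comment that `--sarif` output is expected to be the only thing on stdout, or use `--output findings.sarif` instead of the shell redirect to make that explicit. The enclosing job definition starts before this hunk.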