Skip to content

Bump golang.org/x/sync from 0.6.0 to 0.8.0 #307

Bump golang.org/x/sync from 0.6.0 to 0.8.0

Bump golang.org/x/sync from 0.6.0 to 0.8.0 #307

Workflow file for this run

name: semgrep
on:
pull_request_target: {}
push:
branches: [master]
schedule:
- cron: '30 0 1,15 * *'
jobs:
scan:
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
# Skip any PR created by dependabot to avoid permission issues
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@main
- name: Run Semgrep to check for vulnerabilities
run: semgrep ci
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_TOKEN }}