ci: move semgrep to lint instead of security

jippi · jippi · commit c673e2912773 · 2024-05-11T22:29:58.000+02:00
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -68,3 +68,25 @@ jobs:
       - uses: github/codeql-action/autobuild@v3
 
       - uses: github/codeql-action/analyze@v3
+
+  # ------------------------------
+
+  semgrep:
+    runs-on: ubuntu-latest
+    name: semgrep
+    container:
+      image: returntocorp/semgrep
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/checkout@v4
+        with:
+          repository: dgryski/semgrep-go
+          path: rules
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: semgrep
+        run: semgrep scan --error --enable-nosem -f ./rules .
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -40,28 +40,6 @@ jobs:
 
   # ------------------------------
 
-  semgrep:
-    runs-on: ubuntu-latest
-    name: semgrep
-    container:
-      image: returntocorp/semgrep
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/checkout@v4
-        with:
-          repository: dgryski/semgrep-go
-          path: rules
-
-      - uses: actions/setup-go@v5
-        with:
-          go-version-file: go.mod
-
-      - name: semgrep
-        run: semgrep scan --error --enable-nosem -f ./rules .
-
-  # ------------------------------
-
   gitleaks:
     runs-on: ubuntu-latest
     name: gitleaks
