From 52099ab3f6d223cea84f09183bdcaf0f30cd7922 Mon Sep 17 00:00:00 2001
From: hrushikeshdeshpande
 <161167942+hrushikeshdeshpande@users.noreply.github.com>
Date: Sat, 21 Sep 2024 16:56:32 -0400
Subject: [PATCH 1/2] Update semgrep.yml

Updating Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application & Product Security team's initiative to onboard Semgrep onto all of Cloudflare's public repos.

In case of any questions, please reach out to "Hrushikesh Deshpande" on cf internal chat.
---
 .github/workflows/semgrep.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index ede31f5..b40314b 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -1,4 +1,3 @@
-
 on:
   pull_request: {}
   workflow_dispatch: {}
@@ -6,11 +5,13 @@ on:
     branches:
       - main
       - master
+  schedule:
+    - cron: '0 0 * * *'
 name: Semgrep config
 jobs:
   semgrep:
     name: semgrep/ci
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     env:
       SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
       SEMGREP_URL: https://cloudflare.semgrep.dev
@@ -19,5 +20,5 @@ jobs:
     container:
       image: returntocorp/semgrep
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - run: semgrep ci

From aac379782068d9a871544bb88ac26fc7d5de0ad0 Mon Sep 17 00:00:00 2001
From: Hrushikesh Deshpande
 <161167942+hrushikeshdeshpande@users.noreply.github.com>
Date: Wed, 25 Sep 2024 00:23:00 -0400
Subject: [PATCH 2/2] Update semgrep.yml

---
 .github/workflows/semgrep.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index b40314b..4090692 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -18,7 +18,7 @@ jobs:
       SEMGREP_APP_URL: https://cloudflare.semgrep.dev
       SEMGREP_VERSION_CHECK_URL: https://cloudflare.semgrep.dev/api/check-version
     container:
-      image: returntocorp/semgrep
+      image: semgrep/semgrep
     steps:
       - uses: actions/checkout@v4
       - run: semgrep ci