From 5ed952184d3eedacc8c9ad9831f594769ca2be51 Mon Sep 17 00:00:00 2001
From: Haoxi Tan <38898566+h4sh5@users.noreply.github.com>
Date: Wed, 6 Sep 2023 12:48:08 +1000
Subject: [PATCH] Update scan_new_packages.yml
---
 .github/workflows/scan_new_packages.yml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/scan_new_packages.yml b/.github/workflows/scan_new_packages.yml
index 2d05ba750..7ba3ef91e 100644
--- a/.github/workflows/scan_new_packages.yml
+++ b/.github/workflows/scan_new_packages.yml
@@ -35,9 +35,6 @@ jobs:
 run: | guarddog pypi verify -x empty_information -x release_zero -x single_python_file -x repository_integrity_mismatch -x cmd-overwrite --output-format=json new.txt > report.json || echo guarddog error $? - # - name: run secret scan - # run: semgrep --json -c p/secrets packages/ | tee -a secrets.jsonl.txt - - name: run yara scan run: yara mal-library-ttps/yara-rules/sus_pkg.yara packages | tee new_yara_results.txt
@@ -50,6 +47,9 @@ jobs:
 python3 raise_high_risk_pkgs.py || echo errors occurred here env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: run secret scan + run: semgrep --json -c p/secrets packages/ | tee secrets.jsonl.txt - name: Push scanned packages to cache
@@ -66,7 +66,7 @@ jobs:
 git pull git push - - name: Archive code coverage results + - name: Archive report uses: actions/upload-artifact@v3 with: name: new-scan-report
@@ -75,3 +75,5 @@ jobs:
+
+
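Review bot: The added `run secret scan` step pipes semgrep into `tee`, so the step's exit status is tee's, and a semgrep crash or a failed fetch of the `p/secrets` ruleset leaves an empty or partial `secrets.jsonl.txt` that is indistinguishable from a clean scan. GitHub's default `run` shell enables pipefail only when `shell: bash` is set explicitly, and whether this workflow sets it lies outside the hunk. The same `tee` also copies every finding into the job log, and semgrep's JSON can include the matched credential text from the scanned packages; if the repository is public, that log is readable far more widely than the file. Writing the file directly avoids both problems: `run: semgrep --json -c p/secrets --output secrets.jsonl.txt packages/`.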