From c7f137262ce81d459884fbe863edb32b581b2323 Mon Sep 17 00:00:00 2001
From: Bill Napier
Date: Sat, 22 Mar 2025 04:18:23 +0000
Subject: [PATCH 1/2] also run github-actions ruleset
---
.github/workflows/action_scanning.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/action_scanning.yml b/.github/workflows/action_scanning.yml
index 72207f7..a4b8dda 100644
--- a/.github/workflows/action_scanning.yml
+++ b/.github/workflows/action_scanning.yml
@@ -31,12 +31,12 @@ jobs: with: repository: 'google/github-team' path: action_scanning - - name: 'Run Actions semgrep scan' - run: 'semgrep scan --sarif --config action_scanning/semgrep-rules/actions >> semgrep-results-actions.sarif' + run: 'semgrep scan --sarif --config action_scanning/semgrep-rules --config "p/github-actions" >> semgrep-results-actions.sarif' - name: 'Save Actions SARIF results as artifact' uses: 'actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02' # ratchet:actions/upload-artifact@v4 + with: name: 'semgrep-scan-results-actions' path: 'semgrep-results-actions.sarif'
From 79e4f3999271a09db363661aa9b68c0a8f2e625b Mon Sep 17 00:00:00 2001
From: Bill Napier
Date: Fri, 28 Mar 2025 02:22:02 +0000
Subject: [PATCH 2/2] yamlformat new yaml files.
---
.github/workflows/action_scanning.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/action_scanning.yml b/.github/workflows/action_scanning.yml
index 0c51c4f..790ac00 100644
--- a/.github/workflows/action_scanning.yml
+++ b/.github/workflows/action_scanning.yml
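Review bot: The `--config "p/github-actions"` added to the `run:` line in the `@@ -31,12 +31,12 @@` hunk of patch 1/2 is resolved from the Semgrep registry each time the step runs, so the rule set is unpinned and can change between runs, while the `upload-artifact` step in the same hunk is pinned to a commit SHA. If reproducible scan results matter here, consider vendoring that ruleset alongside the checked-out `action_scanning/semgrep-rules`, or at least record the trade-off with a comment such as `# p/github-actions is fetched from the Semgrep registry at run time and is not pinned`. The same line widens the local config from `semgrep-rules/actions` to the whole `semgrep-rules` directory; whether the other rules in that directory are meant to run in this step is not visible from the hunk. The new line also keeps `>>`, which appends to the SARIF file and would leave an invalid document if the file already existed, so `--output semgrep-results-actions.sarif` or a single `>` is the safer form.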
@@ -25,10 +25,10 @@ jobs: repository: 'google/github-team' path: action_scanning - name: 'Run Actions semgrep scan' - run: 'semgrep scan --sarif --config action_scanning/semgrep-rules --config "p/github-actions" >> semgrep-results-actions.sarif' + run: 'semgrep scan --sarif --config action_scanning/semgrep-rules --config "p/github-actions" + >> semgrep-results-actions.sarif' - name: 'Save Actions SARIF results as artifact' uses: 'actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02' # ratchet:actions/upload-artifact@v4 - with: name: 'semgrep-scan-results-actions' path: 'semgrep-results-actions.sarif'