update semgrep exludes (#18090)

2025-10-30 10:12:35 +00:00 · 2022-11-22 15:19:35 -06:00
parent 9fcb17c5c7
commit 99a1fb2f62
2 changed files with 2 additions and 1 deletions
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -28,7 +28,7 @@ jobs:
        repository: hashicorp/security-scanner
        token: ${{ secrets.HASHIBOT_PRODSEC_GITHUB_TOKEN }}
        path: security-scanner
-        ref: e8f142fef6ca9601300072c8eddef4f79e47368a
+        ref: 2526c196a28bb367b1ac6c997ff48e9ebf06834f

    - name: Install dependencies
      shell: bash
--- a/scan.hcl
+++ b/scan.hcl
@@ -13,6 +13,7 @@ repository {
    use_git_ignore = true
    exclude = ["vendor"]
    config = ["tools/semgrep/ci", "p/r2c-security-audit"]
+    exclude_rule = ["generic.html-templates.security.unquoted-attribute-var.unquoted-attribute-var"]
  }
  
  plugin "codeql" {