fix

maxammann · maxammann · commit fced3e27d56e · 2025-11-28T15:33:42.000+01:00
diff --git a/.github/workflows/security-default-branch.yml b/.github/workflows/security-default-branch.yml
@@ -54,12 +54,13 @@ jobs:
         id: semgrep
         with:
           show_results_in_pr: false
-          results_format: json
+          results_format: sarif
       - uses: KittyCAD/gha-workflows/.github/actions/upload-defectdojo@security
         with:
           dd_token: ${{ secrets.DEFECTDOJO_API_TOKEN }}
           report_path: ${{ steps.semgrep.outputs.results_file_path }}
-          scan_type: Semgrep JSON Report
+          scan_type: SARIF
+          #scan_type: Semgrep JSON Report
           engagement: Semgrep
 
   zizmor:
@@ -93,6 +94,7 @@ jobs:
         id: scorecard
         with:
           gh_token: ${{ secrets.GITHUB_TOKEN }}
+      - run: git checkout main # Ensure we are on default branch
       - uses: KittyCAD/gha-workflows/.github/actions/upload-defectdojo@security
         with:
           dd_token: ${{ secrets.DEFECTDOJO_API_TOKEN }}
