Intregrate Semgrep by adding semgrep.yml

Author: jonandersenverkada

.github/workflows/semgrep.yml

@@ -1,19 +1,19 @@
 
-        name: Security Semgrep
-        on:
-          pull_request: {} # Run a partial Semgrep analysis on all pull requests
-          # schedule: # Disable running a full analysis, for large repos it is too expensive.
-          #  - cron:  '17 2 * * 3'
-          workflow_dispatch: # Allow for manual run of Semgrep as well
-        jobs:
-          semgrep:
-            name: Scan
-            runs-on: ubuntu-latest
-            if: (github.actor != 'dependabot[bot]')
-            steps:
-              - uses: actions/checkout@v2
-              - uses: returntocorp/semgrep-action@v1
-                with:
-                  publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}  # For publishing to semgrep.dev
-                  auditOn: push # Don't block on new issues in pull requests for now
-        
+          name: Security Semgrep
+          on:
+            pull_request: {} # Run a partial Semgrep analysis on all pull requests
+            # schedule: # Disable running a full analysis, for large repos it is too expensive.
+            #  - cron:  '17 2 * * 3'
+            workflow_dispatch: # Allow for manual run of Semgrep as well
+          jobs:
+            semgrep:
+              name: Scan
+              runs-on: ubuntu-latest
+              if: (github.actor != 'dependabot[bot]')
+              steps:
+                - uses: actions/checkout@v2
+                - uses: returntocorp/semgrep-action@v1
+                  with:
+                    publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}  # For publishing to semgrep.dev
+                    auditOn: push # Don't block on new issues in pull requests for now
+