=== command
CI="true" GITHUB_ACTIONS="true" GITHUB_EVENT_NAME="pull_request" GITHUB_REPOSITORY="project_name/project_name" GITHUB_RUN_ID="35" GITHUB_ACTOR="some_test_username" GITHUB_REF="some/branch-name" GITHUB_EVENT_PATH="<MASKED>" SEMGREP_APP_TOKEN="fake-key-from-tests" SEMGREP_USER_AGENT_APPEND="pytest" SEMGREP_SETTINGS_FILE="<MASKED>" SEMGREP_VERSION_CACHE_PATH="<MASKED>" SEMGREP_ENABLE_VERSION_CHECK="0" SEMGREP_SEND_METRICS="off" semgrep ci --debug --no-force-color --no-suppress-errors
=== end of command

=== exit code
0
=== end of exit code

=== stdout - plain

Non-Blocking Findings:

  bar.py 
     eqeq-five
        useless comparison to 5

         ▶▶┆ Autofix ▶ (bar == 2)
          1┆ bar == 5

=== end of stdout - plain

=== stderr - plain
Scan environment:
  versions    - semgrep <MASKED> on python <MASKED>
  environment - running in environment github-actions, triggering event is pull_request
  server      - https://semgrep.dev

head branch (bar) has latest commit 17b3114fb3d41437abc2a3e6499db84ad921e6f0, fetching that commit now.
Trying to shallow fetch branch foo from origin
base branch (foo) has latest commit f7ee3123ed098941662685dd8b726fceee48f78d
Fixing git state for github action pull request
Calling git rev-parse HEAD
stashed_rev: 17b3114fb3d41437abc2a3e6499db84ad921e6f0
Not on head ref: 17b3114fb3d41437abc2a3e6499db84ad921e6f0; checking that out now.
Attempting to find merge base, attempt_count=0, fetch_depth=0
Attempting to find merge base, attempt_count=1, fetch_depth=4
Trying to fetch branch foo from origin as base branch
Trying to fetch branch bar as commit from origin as head branch tip commit
Using f7ee3123ed098941662685dd8b726fceee48f78d as the merge-base of f7ee3123ed098941662685dd8b726fceee48f78d and 17b3114fb3d41437abc2a3e6499db84ad921e6f0
Fetching configuration from semgrep.dev
Git root path: <MASKED>/copy
Getting scan configurations
Starting scan
Authenticated as org_name
semgrep version <MASKED>
running 6 rules from 1 config semgrep-app-rules
Initializing git status
Running git diff
Finished git diff. Parsing git status output
['A', 'bar.py']
Git status:
added: [PosixPath('bar.py')]
modified: []
removed: []
renamed: {}
unmerged: []
Initializing dirty paths
Git status output: 
finished getting dirty paths
{}
No .semgrepignore found. Using default .semgrepignore rules. See the docs for the list of default ignores: https://semgrep.dev<MASKED>
Rules:
- eqeq-bad
- eqeq-five
- eqeq-four
- supply-chain1
- supply-chain2
- taint-test
Passing whole rules directly to semgrep_core
Scanning 1 file with 4 python rules.
Running Semgrep engine with command:
/<MASKED>/semgrep<MASKED> -json -rules <MASKED>-json_time -fast --debug
--- semgrep-core stderr ---
<MASKED>
<MASKED>
<MASKED>
{
  "rules": [
    {
      "id": "eqeq-bad",
      "languages": [
        "python"
      ],
      "message": "useless comparison",
      "pattern": "$X == $X",
      "severity": "ERROR"
    },
    {
      "fix": "$X == 2",
      "id": "eqeq-five",
      "languages": [
        "python"
      ],
      "message": "useless comparison to 5",
      "metadata": {
        "dev.semgrep.actions": []
      },
      "pattern": "$X == 5",
      "severity": "ERROR"
    },
    {
      "id": "eqeq-four",
      "languages": [
        "python"
      ],
      "message": "useless comparison to 4",
      "metadata": {
        "dev.semgrep.actions": [
          "block"
        ]
      },
      "pattern": "$X == 4",
      "severity": "ERROR"
    },
    {
      "id": "taint-test",
      "languages": [
        "python"
      ],
      "message": "unsafe use of danger",
      "mode": "taint",
      "pattern-sinks": [
        {
          "pattern": "sink($X)"
        }
      ],
      "pattern-sources": [
        {
          "pattern": "danger"
        }
      ],
      "severity": "WARNING"
    }
  ]
}
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
<MASKED>
--- end semgrep-core stderr ---
skipped 'bar.py' [rule RuleId(value='taint-test')]: SkipReason(value=IrrelevantRule()): No need to perform deeper matching because target does not contain some elements necessary for the rule to match 'taint-test'
Using AST-based autofix rendered in semgrep-core: `(bar == 2)`
semgrep ran in <MASKED> on 1 files
findings summary: 1 error, 0 warning
  Current version has 1 finding.

Skipping baseline scan, because all current findings are in files that didn't exist in the baseline commit.
Returning to original head revision 17b3114fb3d41437abc2a3e6499db84ad921e6f0

========================================
Files skipped:
========================================

  Always skipped by Semgrep:

   • <none>

  Skipped by .gitignore:
  (Disable by passing --no-git-ignore)

   • <all files not listed by `git ls-files` were skipped>

  Skipped by .semgrepignore:
  (See: https://semgrep.dev<MASKED>

   • <none>

  Skipped by --include patterns:

   • <none>

  Skipped by --exclude patterns:

   • <none>

  Skipped by limiting to files smaller than 1000000 bytes:
  (Adjust with the --max-target-bytes flag)

   • <none>

  Skipped by analysis failure due to parsing or internal Semgrep error

   • <none>


Some files were skipped or only partially analyzed.
  Scan was limited to files changed since baseline commit.

CI scan completed successfully.
  Found 1 finding (0 blocking) from 6 rules.
  Uploading findings to Semgrep App.
Sending findings and ignores blob: {
    "token": null,
    "gitlab_token": null,
    "findings": [
        {
            "check_id": "eqeq-five",
            "path": "bar.py",
            "line": 1,
            "column": 1,
            "end_line": 1,
            "end_column": 9,
            "message": "useless comparison to 5",
            "severity": 2,
            "index": 0,
            "commit_date":<MASKED>
            "syntactic_id": "79b90242d13e90751d81594d5863a672",
            "metadata": {
                "dev.semgrep.actions": []
            },
            "is_blocking": false,
            "match_based_id": "81ccf0034358a3caf8caef04451dc035f1b37240ce39ce08044ed5dcaafbe171d65792c5a3119e04e6802388c431ec8967d98a6c5666b1f4502a45df8b1eedd6_0"
        }
    ],
    "searched_paths": [
        "bar.py"
    ],
    "renamed_paths": [],
    "rule_ids": [
        "eqeq-bad",
        "eqeq-five",
        "eqeq-four",
        "taint-test",
        "supply-chain1",
        "supply-chain2"
    ],
    "cai_ids": [],
    "ignores": []
}
Sending complete blob: {
    "exit_code": 0,
    "stats": {
        "findings": 1,
        "errors": [],
        "total_time":<MASKED>
        "unsupported_exts": {},
        "lockfile_scan_info": {
            "poetry.lock": 1,
            "yarn.lock": 1
        },
        "parse_rate": {
            "python": {
                "targets_parsed": 1,
                "num_targets": 1,
                "bytes_parsed": 10,
                "num_bytes": 10
            }
        }
    }
}
  No blocking findings so exiting with code 0
Not sending pseudonymous metrics since metrics are configured to OFF and registry usage is False

=== end of stderr - plain