From f01077e155924779e5b6b132f452f757b59da9f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9Cswati31196=E2=80=9D?= Date: Fri, 5 Aug 2022 18:02:17 +0530 Subject: [PATCH 1/2] semgrep and dependabot intg
---
 .github/dependabot.yml | 8 ++++++++
 .github/workflows/security.yml | 20 ++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 .github/dependabot.yml
 create mode 100644 .github/workflows/security.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 00000000..60349843
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+version: 2
+updates:
+ - package-ecosystem: gomod
+ directory: "/"
+ schedule:
+ interval: daily
+ time: "04:00"
+ timezone: Asia/Calcutta
\ No newline at end of file
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 00000000..d009c133
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,20 @@
+name: Security
+on:
+ workflow_dispatch:
+ pull_request: { }
+ push:
+ branches: [ "dev" ]
+ schedule:
+ - cron: '30 20 * * *'
+jobs:
+ security-sast:
+ uses: razorpay/security-action/.github/workflows/semgrep.yml@master
+ secrets:
+ SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+
+ security-statuscheck:
+ needs: [ security-sast ]
+ if: always()
+ uses: razorpay/security-action/.github/workflows/status_check.yml@master
+ with:
+ WORKFLOW_RESULT: ${{ needs.security-sast.result == 'success' && needs.security-sast.result != 'cancelled' || 'false' }}
\ No newline at end of file
From 9534644a399d52cce71ccc6c9bae015859f3f9c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9Cswati31196=E2=80=9D?= Date: Mon, 8 Aug 2022 13:16:18 +0530 Subject: [PATCH 2/2] minor change
---
 .github/workflows/security.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index d009c133..44c4372c 100644
--- a/.github/workflows/security.yml
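Review bot: Dependabot is configured only for the `gomod` ecosystem, while the workflow added in the same patch pulls reusable workflows from `razorpay/security-action`; nothing in this file will keep those references current once they are pinned to a tag or SHA. Add a second entry, `- package-ecosystem: github-actions` with `directory: "/"` and the same `schedule:` block, so Dependabot bumps action and reusable-workflow pins alongside Go modules. The indentation of this hunk is collapsed in this view, so the nesting of `directory`/`schedule` under the list item should be confirmed in the real file.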
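Review bot: Both reusable workflows are referenced by the mutable branch ref `@master` (`uses: razorpay/security-action/.github/workflows/semgrep.yml@master` and the `status_check.yml` line), so anyone who can push to that repository's master can change what runs here and what `SEMGREP_APP_TOKEN` is handed to; pin them to a release tag or, better, a full commit SHA (`uses: razorpay/security-action/.github/workflows/semgrep.yml@<sha>`) and let Dependabot bump the pin. If `razorpay/security-action` is owned by the same org and branch-protected this is a deliberate trust boundary, but a SHA pin still makes the supply chain auditable. Separately, the bare `pull_request: { }` trigger also fires for pull requests from forks, where GitHub does not expose repository secrets, so on those runs `SEMGREP_APP_TOKEN` would be empty; if the repository accepts fork PRs, either the Semgrep workflow must tolerate a missing token or the trigger should be narrowed.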
+++ b/.github/workflows/security.yml
@@ -17,4 +17,9 @@ jobs:
 if: always()
 uses: razorpay/security-action/.github/workflows/status_check.yml@master
 with:
- WORKFLOW_RESULT: ${{ needs.security-sast.result == 'success' && needs.security-sast.result != 'cancelled' || 'false' }}
\ No newline at end of file
+ WORKFLOW_RESULT: ${{ needs.security-sast.result == 'success' && needs.security-sast.result != 'cancelled' || 'false' }}
+
+ scan-dependencies:
+ uses: razorpay/security-action/.github/workflows/dependency-scanner.yml@master
+ with:
+ DEPENDABOT_PATH: ".github/dependabot.yml"
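Review bot: The new `scan-dependencies` job is not wired into `security-statuscheck`, whose `needs: [ security-sast ]` (the line just above this hunk) and `WORKFLOW_RESULT` expression only consider the Semgrep job, so a failing dependency scan cannot change the reported status. If that status check is meant to summarize all security jobs, change the two lines to `needs: [ security-sast, scan-dependencies ]` and `WORKFLOW_RESULT: ${{ needs.security-sast.result == 'success' && needs.scan-dependencies.result == 'success' }}`. The `!= 'cancelled'` clause in the current expression is redundant because a result equal to `'success'` cannot also be `'cancelled'`, and the `|| 'false'` fallback produces the string `'false'` rather than a boolean, which `status_check.yml` may or may not treat the same way. The new job also uses the mutable `@master` ref for `dependency-scanner.yml`; pin it to a tag or commit SHA. The `security-statuscheck` job starts outside this hunk.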