ci: fix build, update semgrep

Author: vooon

.github/workflows/build.yaml

@@ -21,4 +21,4 @@ jobs:
           GOOS: ${{ matrix.GOOS }}
           GOARCH: ${{ matrix.GOARCH }}
           CGO_ENABLED: 0
-        run: go build -trimpath
+        run: go build -trimpath ./...

.github/workflows/semgrep.yml

@@ -1,18 +1,30 @@
+name: Semgrep
+
 on:
   pull_request: {}
+  workflow_dispatch: {}
   push:
-    branches:
-    - main
-    - master
-name: Semgrep
+    branches: ["master", "main"]
+  schedule:
+    - cron: '20 17 * * *' # Sets Semgrep to scan every day at 17:20 UTC.
+
 jobs:
   semgrep:
-    name: Scan
+    name: semgrep/ci
     runs-on: ubuntu-latest
+
+    container:
+      # A Docker image with Semgrep installed. Do not change this.
+      image: returntocorp/semgrep
+
+    # Skip any PR created by dependabot to avoid permission issues:
+    if: (github.actor != 'dependabot[bot]')
+
     steps:
-    - uses: actions/checkout@v2
-    - uses: returntocorp/semgrep-action@v1
-      with:
-        auditOn: push
-        publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
-        publishDeployment: 1032
+      - uses: actions/checkout@v3
+      - run: semgrep ci
+        env:
+          # Connect to Semgrep Cloud Platform through your SEMGREP_APP_TOKEN.
+          # Generate a token from Semgrep Cloud Platform > Settings
+          # and add it to your GitHub secrets.
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}