ci: remove PR trigger for semgrep

[jacobbednarz]

semgrep is slow and triggering this on all PR events is clogging the queue.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 5dc2893

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[jacobbednarz]

cc @hrushikeshdeshpande

[github-actions]

A wrangler prerelease is available for testing. You can install this latest build in your project with:

npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-wrangler-7309

You can reference the automatically updated head of this PR with:

npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/prs/7309/npm-package-wrangler-7309

Or you can use npx with this latest build directly:

npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-wrangler-7309 dev path/to/script.js

Additional artifacts:

npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-create-cloudflare-7309 --no-auto-update

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-kv-asset-handler-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-miniflare-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-pages-shared-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-vitest-pool-workers-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-workers-editor-shared-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-workers-shared-7309

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12149282797/npm-package-cloudflare-workflows-shared-7309

Note that these links will no longer work once the GitHub Actions artifact expires.

---

wrangler@3.91.0 includes the following runtime dependencies:

Package	Constraint	Resolved
miniflare	workspace:*	3.20241106.1
workerd	1.20241106.1	1.20241106.1
workerd --version	1.20241106.1	2024-11-06

Please ensure constraints are pinned, and miniflare/workerd minor versions match.

[penalosa]

Closing for now, since Semgrep runs on PRs is only a few minutes: https://github.com/cloudflare/workers-sdk/actions/runs/12088429210/job/33711923769?pr=7392

[jacobbednarz]

@penalosa the happy path isn't the issue here. it's when a handful of PRs are raised and we concurrency limits which are org wide and will impact other GitHub Action runners outside of just this repository. as they all share the concurrency limit, we need to do this for all active repositories.

[penalosa]

@jacobbednarz Is semgrep the main culprit here? This repo runs a lot of actions on each PR anyway. Or is the concurrency per workflow?

[jacobbednarz]

semgrep has been large contributing factor given the slowness of the AST checking it performs within some of the rules on larger repositories and the frequency it has been invoked. we've gone through and removed it for pushes, merges and PR events to prevent clogging the queue and stopping more critical GitHub Actions. without actioning this, it may impact the ability for you to do releases.

[penalosa]

As discussed internally, I've removed semgrep as a required check