From 9f04d58bfc3befccc12936572d3886af83df0ded Mon Sep 17 00:00:00 2001 From: kencho Date: Mon, 18 Nov 2024 16:39:09 +0800 Subject: [PATCH 1/2] refactor: make semgrep available in tag release --- ops/pipelines/gigadb-conformance-security-jobs.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ops/pipelines/gigadb-conformance-security-jobs.yml b/ops/pipelines/gigadb-conformance-security-jobs.yml index 6a25e9a7b6..09c01fabb9 100644 --- a/ops/pipelines/gigadb-conformance-security-jobs.yml +++ b/ops/pipelines/gigadb-conformance-security-jobs.yml @@ -70,6 +70,8 @@ check_PHPDoc: semgrep-sast: stage: conformance and security + rules: + - if: $CI_COMMIT_BRANCH || $CI_COMMIT_TAG variables: CS_ANALYZER_IMAGE: "$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:6" From 262e43c2994e8146bb19be354c4b553511e72e8a Mon Sep 17 00:00:00 2001 From: kencho Date: Mon, 18 Nov 2024 16:52:16 +0800 Subject: [PATCH 2/2] doc: update change log --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d712416eb8..a8802e816f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased +- Fix #2094: Make Semgrep-based SAST analyzer available in tagged release - Feat #701: Code refactoring to separate upload status transitions and notifications to prepare for upload status overhaul - Security #1867: Update the gitlab static application security testing (SAST) job using the Semgrep-based analyzer
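Review bot: The new `rules:` entry on `semgrep-sast` in ops/pipelines/gigadb-conformance-security-jobs.yml (`- if: $CI_COMMIT_BRANCH || $CI_COMMIT_TAG`) has no comment saying why tags are included, and it leaves merge request pipelines out, because neither variable is set there. A `rules:` list defined on a job also replaces any rules the job would otherwise take from an included template, so if `semgrep-sast` is defined by an included SAST template, any conditions that template set are no longer applied. Suggest a one-line comment above the rule referencing #2094, and confirming that skipping merge request pipelines is intended. The commit subject also calls this a `refactor`, although it changes when the scanner runs.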
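Review bot: The CHANGELOG.md entry added under `## Unreleased` ("Fix #2094: Make Semgrep-based SAST analyzer available in tagged release") does not say what actually changed, which is that the `semgrep-sast` job now runs in tag pipelines as well as branch pipelines. Suggest wording along the lines of "Fix #2094: Run the Semgrep-based SAST job in tag pipelines as well as branch pipelines" so a reader can tell which pipelines are scanned. The entry is labelled `Fix` while the first commit of the series is labelled `refactor`; pick one classification for both.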