Create codeql-analysis.yml #129

Merged
merged 1 commit into from
Dec 18, 2020

@mmacata mmacata commented Dec 17, 2020

This PR adds Code-QL which is a tool for

> Code scanning alerts
> Automatically detect common vulnerability and coding errors

It will run for master branch and protected branches and for MRs into the master branch.
For more details see https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository


@griembauer griembauer left a comment

Thanks, very useful. How was this .yml generated? Did you follow the steps here (https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository) and this file was automatically generated? Or did you find a template somewhere?

mmacata commented Dec 18, 2020

> Thanks, very useful. How was this .yml generated? Did you follow the steps here (https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository) and this file was automatically generated? Or did you find a template somewhere?

Yes I followed the steps on the page and it was automatically generated. The analysis did run on my fork and the report was generated as expected.

@mmacata mmacata merged commit fdc0d91 into actinia-org:master Dec 18, 2020

neteler commented Dec 18, 2020

Nice work. The results are here:

https://github.com/mundialis/actinia_core/security/code-scanning

@mmacata mmacata deleted the code-ql-init branch August 10, 2021 13:47
@mmacata mmacata added this to the 0.99.X milestone Nov 9, 2022
4 participants